The Independent's journalism is supported by our readers. When you purchase through links on our site, we may earn commission. 

Hackers infect Facebook Messenger users with malware that secretly mines bitcoin alternative monero

'Like many cybercriminal schemes, numbers are crucial — bigger victim pools equate to potentially bigger profits', researchers say

Aatif Sulleyman
Friday 22 December 2017 18:51 GMT
Comments

Your support helps us to tell the story

From reproductive rights to climate change to Big Tech, The Independent is on the ground when the story is developing. Whether it's investigating the financials of Elon Musk's pro-Trump PAC or producing our latest documentary, 'The A Word', which shines a light on the American women fighting for reproductive rights, we know how important it is to parse out the facts from the messaging.

At such a critical moment in US history, we need reporters on the ground. Your donation allows us to keep sending journalists to speak to both sides of the story.

The Independent is trusted by Americans across the entire political spectrum. And unlike many other quality news outlets, we choose not to lock Americans out of our reporting and analysis with paywalls. We believe quality journalism should be available to everyone, paid for by those who can afford it.

Your support makes all the difference.

Cybercriminals are using Facebook Messenger to infect computers with malware that mines cryptocurrency.

Security researchers the Trend Micro cyber security firm said "Digmine" is targeting as many machines as possible, in order to earn monero – an alternative to bitcoin – for its creators

It could also help cyber criminals completely take over a Facebook account, the researchers added.

The bot was detected by cyber security firm Trend Micro, which says "Digimine" is designed to look like a video file.

It only works when it is spread via the desktop version of Messenger, on Google Chrome. If you open it through Messenger on another platform, such as a mobile phone, Digmine won’t function as it is supposed to.

However, it can still be considered very dangerous. As well as having the potential to let hackers take over your account, it can also slow your computer down and use your Facebook account to target your friends.

“If the user’s Facebook account is set to log in automatically, Digmine will manipulate Facebook Messenger in order to send a link to the file to the account’s friends,” the researchers said.

“The abuse of Facebook is limited to propagation for now, but it wouldn’t be implausible for attackers to hijack the Facebook account itself down the line.”

Security experts recently told The Independent that bitcoin’s rapid recent rise in value might be making unsuspecting computer users more vulnerable to hackers.

It has led to more and more machines being secretly infected with malware that is designed to help cyber criminals “mine” for cryptocurrencies.

“The increasing popularity of cryptocurrency mining is drawing attackers back to the mining botnet business,” said Trend Micro.

“And like many cybercriminal schemes, numbers are crucial — bigger victim pools equate to potentially bigger profits. The fact that they’re piggybacking on popular platforms such as social media to spread their malware is unsurprising.”

The researchers the malware has infected people in South Korea, Vietnam, Azerbaijan, Ukraine, Vietnam, Philippines, Thailand and Venezuela, but “it’s not far-off for Digmine to reach other countries given the way it propagates”.

They have alerted Facebook to the malware.

The social media giant said: “We maintain a number of automated systems to help stop harmful links and files from appearing on Facebook and in Messenger. If we suspect your computer is infected with malware, we will provide you with a free anti-virus scan from our trusted partners.

“We share tips on how to stay secure and links to these scanners on facebook.com/help.”

We’ve teamed up with cryptocurrency trading platform eToro. Click here to get the latest Bitcoin rates and start trading. Cryptocurrencies are a highly volatile unregulated investment product. No EU investor protection. 75% of retail investor accounts lose money when trading CFDs.

Join our commenting forum

Join thought-provoking conversations, follow other Independent readers and see their replies

Comments

Thank you for registering

Please refresh the page or navigate to another page on the site to be automatically logged inPlease refresh your browser to be logged in