Security researcher Bart Blaze has discovered a new form of malware spreading on Facebook. The malware is disguised in a seemingly innocent image file which when downloaded on a computer ends up automatically downloading more malware to infect the machine. The malware is being distributed via images in .SVG format through Facebook accounts that have been compromised.
SVG image files are a bit different from other conventional image file types. They can carry embedded content like JavaScript and are capable of being opened in a modern web browser.
Clicking on a malicious SVG file on Facebook will open a website that’s masquerading as YouTube. The page then asks the visitor to download a codec extension so that they can view the video. That codec is simply more malware that gets installed on the system once the user is tricked into thinking that they actually need a codec to view a YouTube video.
The malicious extension is said to have the capability to alter user data and even compromise the victim’s Facebook account. That’s what helps spread the malware in the first place.
It’s unclear how the malicious SVG file was able to go through Facebook’s file extension filter but the social network has been notified of this malware. The dubious Chrome extension has also been removed. Until all traces of this malware are removed from Facebook, it would be best if you refrain from clicking on any SVG file on Facebook.
. Read more about