Cybercriminals hijack Facebook accounts through bogus browser extensions

Cybercriminals hijack Facebook accounts through bogus browser extensions

Summary: Researchers from WebSense are warning on a newly circulating fraudulent scheme relying on bogus browser extensions for hijacking Facebook accounts.

SHARE:

Researchers from WebSense are warning on a newly circulating fraudulent scheme relying on bogus browser extensions for hijacking Facebook accounts.

The add-ons, advertised as DivX plug-ins or coupon generator, use the Facebook API (Application Programming Interface) to post unauthorized messages on behalf of Facebook users who log in from the affected browsers.

According to the researchers, at the moment, only Chrome and Firefox plugins are used.

Topics: Browser, Social Enterprise

Dancho Danchev

About Dancho Danchev

Dancho Danchev is an independent security consultant and cyber threats analyst, with extensive experience in open source intelligence gathering, malware and cybercrime incident response.

Kick off your day with ZDNet's daily email newsletter. It's the freshest tech news and opinion, served hot. Get it.

Talkback

2 comments
Log in or register to join the discussion
  • RE: Cybercriminals hijack Facebook accounts through bogus browser extensions

    I am alerting my group about this. How many Facebook hijacks are running at this time? Can you provide a list? Please advise.
    fw32
  • Facebook is a privacy and security nightmare...

    I discontinued this Facebook thing a couple of months ago....<br>These guys have built an empire for themselves selling our personal information for money.....and of course for target advertising<br>To make the matters worse, their entire structure is un secure and vulnerable to hacks, hijacks and are spending little resource and efforts to keep the users safe.<br><br>They are killing the golden goose which has made them so rich overnight out of thin air!
    Dwight Kunder