A malware outbreak is attempting to extort money from users by telling them their Facebook accounts are in danger.
Researchers from security firm Trusteer reported that the Carberp malware was being used to trigger a mass extortion campaign. The malware replaces the landing page for Facebook on locally installed systems with a fake alert page.
Known as a 'man-in-the-browser' infection, Carberp works at the local machine level, intercepting HTML files and replacing them with locally generated attack pages before the site can be displayed in the browser window.
The page claims that a user's Facebook account has been locked and that the only method for retrieval is to enter personal information along with the number for a €20 Ukash online currency voucher.
Malware and botnet operations have been targeting Facebook in recent years. With hundreds of millions of users on the service, fraudsters have been able to play on the heightened level of trust users have for messages and alerts claiming to be from friends and administrators.
Trusteer chief technology officer Amit Klein, noted that Carberp is unique in the way it utilises Facebook. Rather than attempt to harvest account details and spam message feeds, the malware uses Facebook's good name to fool users into sending money.
"The page claims the cash voucher will be 'added to the user’s main Facebook account balance', which is obviously not the case," Klein said in a blog post.
"Instead, the voucher number is transferred to the Carberp bot master who presumably uses it as a cash equivalent (Ukash provides anonymity similar to that offered by cash payments), thus effectively defrauding the user of €20."
In addition to the use of anti-malware and browser security tools, Klein advises users to keep a close eye on any unusual requests for information or cash transfers, even from otherwise trusted web sites.
Cotton seedling freezes to death as Chang'e-4 shuts down for the Moon's 14-day lunar night
Fortnite easily out-earns PUBG, Assassin's Creed Odyssey and Red Dead Redemption 2 in 2018
Meteor showers as a service will be visible for about 100 kilometres in all directions
Saturn's rings only formed in the past 100 million years, suggests analysis of Cassini space probe data
New findings contradict conventional belief that Saturn's rings were formed along with the planet about 4.5 billion years ago