Undesirables are using Facebook Messenger to spread infectious links to fool users into downloading potentially harmful adware.

Trust no one

Speculation on how the spread occurred suggests hackers may have used anything from “clickjacking” to hijacked web browsers according to Kaspersky Lab cyber security expert, David Jacoby.

Tactics such as tricking users into clicking a seemingly personalised link has resulted in users downloading malicious adware.

The “personalised link” came in the form of a short message with a surprised emoji and a short Bit.ly link, bringing the user to a Google Doc landing page with malware disguised as a playable movie.

What does it do

When clicked, the malware redirects users to a host of websites analysing your computer's operation system and browser. The tactic has been called “domain chaining”, many websites redirecting to one and other.

The adware can catalogue anything from browser info, cookies, geolocation, installed plugins, and even your operating system. The result leads to monitoring your browsing and displaying false ads.

Users fooled by the initial link are brought to a site mocked-up to look like a YouTube page or Flash update depending on your browser. When clicked, the adware is uploaded and the deed is done.

Though no Trojans have been reported as a result of the malicious ruse, the scammers are making money off the redirected adverts as well as gaining Facebook login info. Be aware and avoid suspicious links.

Have you been hit by the Facebook Messenger hack? Let us know in our comment section below.