Facebook phishing attacks claim 10,000 victims in two days

Facebook phishing attacks have claimed 10,000 victims in two days, according to researchers from Kaspersky Lab. The experts said a malware attack tricked more than 10,000 users around the world into thinking their friends had sent them messages in just 48 hours.

Countries in South America and Europe, along with Tunisia and Israel, were the hardest hit by the infection attempts, the research revealed.

Poland, Greece, Portugal and Germany were among the top European nations affected. Between June 24th and 27th, thousands of users received messages from Facebook friends claiming they had been mentioned in comments, the researchers said.

In fact, this was sent by hackers to trick them into downloading a Trojan that installed a Chrome browser extension to give cyber criminals control of their Facebook accounts.

From there, the hackers could extract data, change their privacy settings and spread the infection to the users’ own Facebook friends.

Kaspersky said the malicious plug-in tried to protect itself by blacklisting certain websites, including those of major security software vendors that might detect it.

“Two aspects of this attack stand out,” said Ido Naor, senior security researcher for Kaspersky Lab’s global research and analysis team.

“Firstly, the delivery of the malware was extremely efficient, reaching thousands of users in only 48 hours. Secondly, the response from consumers and the media was almost as fast. Their reaction raised awareness of the campaign and drove prompt action and investigation by the providers concerned.”