SCAM: Facebook user accounts are Hijacking by hackers in the name of FB Hacking Tool

According to a blog post by Symantec, one of the spam video is going viral on Facebook which claims to allow you to get your friends’ log in credentials, but in real it hacks your own account.

This Video has seen by many Facebook users and they have been made fool, video claims to offer you a tool to obtain credentials for friends’ accounts, said Satnam Narang, security response manager for Symantec, in blog post.

Upon clicking the video you will be redirected to a document of Google Drive that contains a piece ofJavascript code which was instructed to paste on your browser’s console window-a feature which is used by developers and execute it.

That’s it, after executing the code, you Facebook account has been hijacked to like other pages on facebook whcih is likely to be spam or scam like this and also being used by some hackers to earn money and deliver likes and followers for pages.

This type of scam has been around since 2011, Narang wrote. Some of the words in theJavaScript code dating from that time suggest the authors may have been Turkish. The latest iteration, spotted last week in India, was likely adapted by scammers in that country.The scam recorded a good result last year, it was used to inflate the “like” count on some pages by 50,000 to 100,000, Narang wrote.

These type of attacks knows as “self cross-site scripting,” where user is tricked through various techniques to insert the malicious codes.

“Being able to hack someone’s Facebook password by just pasting some code into your browser sounds way too easy and should signal that this is a scam,” narang wrote. “It’s best to err on the side of caution and think twice before following instructions that ask you to paste code into your browser to hack passwords or unlock features on a website.”

Source: hackersnewsbulletin.com 

4 thoughts on “SCAM: Facebook user accounts are Hijacking by hackers in the name of FB Hacking Tool”

Leave a Comment

This site uses Akismet to reduce spam. Learn how your comment data is processed.