Crypto Mining Bot is Taking over Facebook Messenger

Last updated: Mar 30, 2023
4 Min Read
AI Generated Summary

Mining Malware has been spreading across the web like the plague.

From JavaScript mining code to specialised mining malware, hackers have been having a field day mining coins on the machines of some unsuspecting users.

In all of these cases, the cryptocurrency of choice has been Monero. This is because of the nature of the privacy protocols which hide the transactions and addresses.

Now, it has been reported by some cyber security researchers that hackers are using Facebook messenger to spread some more malicious mining applications.

Malware Bot

According to the research by trendlabs, the mining Malware is spread through the popular messaging application on Facebook.

They have named this malware "digimine". This was first picked up by the researchers in South Korea yet has spread to other places such as Ukraine, the Philippines, Thailand and Venezuela.

The Bot is able to spread really quickly due to it using infected systems to pass on the Malware. These are sometimes termed "Botnets" which are commandeered by the hackers.

Although the researchers do not point a finger at anybody, it is more than likely that the Malware is being spread by North Korea. This is because of where it was first picked up.

Digimine's MO

At first, the victim will get a link sent to their Facebook messenger. It will look like a video file that they can download.

However, when they click on the link it actually executes a script that effects the desktop and web versions of messenger.

The malware is able to get control of the Chrome browser upon which it downloads more scripts and plugins. These will then be used for the undercover mining operation by Digimine.

However, that is just the first part of the operation. If the user has set Facebook to automatically login then Digimine can take over their account and use it to send the link to their contacts.

While the account of the user is only used to spread the Malware, the fact that the hackers have control over it means they could use it for other purposes. According to the researchers

it wouldn’t be implausible for attackers to hijack the Facebook account itself down the line

Cyber Security Best Practices

Thankfully the researchers were able to identify this rather early on. They alerted Facebook which then removed many of the links that were already sent out.

Yet, as cryptocurrency prices continue to rally, attacks like these are likely to be much more commonplace. Hence, it is up to the user to make sure that they take appropriate steps.

Clicking on Malware laden links is a sure-fire way to infect your PC with all types of nasty viruses. This includes not just miners but keyloggers and cryptoshufflers.

Hence, if someone including your friend sends you a suspicious link, don’t click on it until you are certain that it was intentional.

Featured Image via Fotolia

Editorial Team

The Coin Bureau Editorial Team are your dedicated guides through the dynamic world of cryptocurrency. With a passion for educating the masses on blockchain technology and a commitment to unbiased, shill-free content, we unravel the complexities of the industry through in-depth research. We aim to empower the crypto community with the knowledge needed to navigate the crypto landscape successfully and safely, equipping our community with the knowledge and understanding they need to navigate this new digital frontier. 

Disclaimer: These are the writer’s opinions and should not be considered investment advice. Readers should do their own research.

Previous article
Fallout from the EtherDelta Hack Continues
next article
Nigerian Start-up Uses Tokens to Take on Remittance Giants