New Malware Automatically Posts Facebook Comments

Dennis Faas's picture

Microsoft has issued a warning about a new type of malware that assumes the form of a Google Chrome extension and Firefox add-on.

The Trojan horse is reportedly designed to target the Facebook accounts of its victims and, once a machine is compromised, performs a number of automated social media tasks, including "liking" certain pages and posting comments.

The malware, which was first detected in Brazil, is named 'Trojan:JS/Febipos' and operates by checking to see if the current user is logged into Facebook.

If this is the case, the bug attempts to download a configuration file that contains a list of commands. These can include liking another page (or comment), sharing content, posting on the walls of friends, commenting on pre-existing posts, joining a group, or inviting friends to join a group or chat with friends.

Fresh Updates Add Credibility

The Trojan attempts to keep itself updated with the latest instructions from its malware authors. (Source:

To see how the malware works, Microsoft representatives monitored a Facebook page that was known to be the recipient of such bogus postings. Not surprisingly, the volume of 'likes' and automated commenting increased significantly in a matter of hours.

In a recent security bulletin, Microsoft claimed the Trojan horse can "alter messages, URLs, Facebook pages and perform any other activity" at the discretion of its creators. (Source:

Malware: A Regional Issue For Now

Luckily, this issue appears to be, for the time being, only a regional problem.

All messages are written in Brazilian Portuguese and there is no indication that the malware is being used anywhere else in the world.

Nevertheless, insiders say they believe those behind the Trojan have designed it to be modular, meaning that friends of victims could find their machines compromised in the future.

Microsoft warns all individuals to only install browser extensions and add-ons from trusted sources. It's also telling Facebook users to sign out of of their social networking accounts when they're done using the site.

Rate this article: 
No votes yet