Facebook users warned: Rogue browser extensions can hijack profiles

Facebook users may have to be wary of a browser extension targeting Mozilla's Firefox and Google's Chrome, as it can hijack their profiles.

Jonathan San Jose of the Microsoft Malware Protection Center said said the threat, dubbed Trojan:JS/Febipos.A, was first discovered in Brazil.

"(T)his Trojan monitors a user to see if they are currently logged-in to Facebook. It then attempts to get a configuration file from (a particular website). The file includes a list of commands of what the browser extension will do," San Jose said in a blog post (http://blogs.technet.com/b/mmpc/archive/2013/05/10/browser-extension-hijacks-facebook-profiles.aspx ).

He said the malware can do any of the following on the Facebook profile it compromises:

Like a page Share Post Join a group Invite friends to a group Chat to friends Comment on a post

San Jose also said the malware contains a Portuguese message which, when translated into English, hints at a lure by claiming to have a video of a 15-year-old bullying victim committing suicide after showing her breasts on Facebook.

"There may be more to this threat because it can change its messages, URLs, Facebook pages and other activity at any time. In any case, we recommend you always keep your security products updated with the latest definitions to help avoid infection," San Jose said.

A separate article on The Next web said the threat appears to be currently targeting mainly Facebook users in Brazil.

However, it said the threat could easily be modified to target more users.

"The fact that it uses a configuration file shows that the criminals specifically designed it to be modular," it said.

"(Y)ou should make a point to only install browser extensions and add-ons from trusted sources such as the Chrome Web Store and Add-ons for Firefox," it added. — TJD, GMA News