As technology and programs become more sophisticated, so do the viruses and malware that affect them. Traditional malware is transmitted as a program that users have to download onto their system. A new malware program has been developed to transmit over Facebook, and instead of infecting a system, it infects a browser, making it nearly undetectable to virus scanners.
The malware software is called LillyJade, and is available for download at underground websites. When a hacker downloads the program, they can modify it to meet their needs. They then release it as a browser plug-in (software that adds functions, e.g., the ability to automatically translate a website), to your browser. It transmits itself by sending messages to an infected user’s Facebook friends with a link encouraging them to download the plug-in.
At this time, the purpose of the malware appears to be to conduct “click fraud.” It shows fake ads on sites like Facebook, Yahoo and MSN. These ads are usually pay-per-click, which means that any time an infected user clicks on one of these fake ads, the hacker gets paid.
There are two interesting things about this program. The first is that it infects browsers, not systems. This makes it nearly undetectable to virus scanners, which scan for infected files on your computer’s hard drive. The second is that the program can be modified to run on nearly any browser regardless of the operating system.
Tips to avoid being infected Here are four tips on how to minimize the chance of being infected by malware like this.
- Keep your browser(s) up-to-date.
- Don’t click on suspicious links.
- If a friend messages you with a link, encouraging you to click on it, verify with them that they sent the link.
- Don’t install browser plug-ins, unless you’re sure they’re from a vetted source.