The Japanese company-developer of software for cyber security, Trend Micro found in Germany, Tunisia, Japan, Taiwan, South Korea and Spain, the new outbreak of the virus activity FacexWorm. It is implemented as an extension for Google Chrome that gets to the victims of hackers via links in Facebook Messenger on the fake page in YouTube, and after the installation of hidden mines cryptocurrency.
In comparison with the appearance in the 2017 version of the virus is now FacexWorm can also steal user credentials, to direct victims to sites cryptogam projects, or referral programs, add code to the hidden mining sites and to replace the address in the transaction records on cryptomeria, including Poloniex, HitBTC, Bitfinex, Ethfinex and Binance and crypto Blockchain.
According to Trend Micro, the malware is already removed from the store extensions Google Chrome, but it affected few users, who had committed operatsii with bitcoins.
We will remind that on April 2, Google banned adding in the Chrome Web Store extensions designed for cryptocurrency mining, and by the end of June 2018 will delete all that have already become available to users of the service. Last month specialists Trend Micro has also revealed a hidden miner HiddenMiner, which masquerades as an app for Google Play updates, and after the activation as an administrator on an Android device produced on it in the background Monero.