The virus has been christened Facebook Color Scam in a post by Cheetah Mobile. There have been similar attacks in the past of viruses masquerading as color changing apps on Facebook in the past. Cheetah Mobile has unearthed the return of the scam. It is believed that the Facebook Color Scam has already scalped more than 10000 users across several countries.
The particular virus appears as an innocuous Facebook app which can be shared and posted on the news feed. Clicking the links will find the user landing on a phishing website. The virus takes advantage of a susceptibility which can be found on the app page of the Facebook. The susceptibility enables hackers to plant malicious code and viruses into the apps on Facebook which then sends users to dangerous phishing websites.
The code is planted in a way which makes the users think that they are visiting the “apps.facebook.com/themsandcolors,” webpage and instead land on a phishing website. The hackers can go through two options –
The first option is to rob the access tokens of the users by asking them to view a tutorial video on the fake color change app. As soon as the user views this video his access tokens becomes vulnerable and the hackers control it to get access and connect with his Facebook contacts.
The second option comes into play if the user declines to watch the video. In this the user is made to download a malicious program. If the user happens to be on a desktop computer, the website will redirect them to a site to download page of a porn video player. However, if the user is using an Android device, the site will display a message which reads the device has been infected and the users will have to download a suggested app.
Now what is the remedy for this virus attack? If you are one of the unlucky ones who have been a victim of this account, you could bypass the hack by changing the password and then proceeding to the app settings of Facebook and removing the color changer app from linking to their account.