Since yesterday, December 18, a new type of malicious code has spread very quickly through Facebook Messenger. They are distributed through Zip files sent as Facebook Messenger messages. The file name is usually in the form "video_ + 4 random numbers" , if someone sends you a message with such a file, don't open it!
This type of malicious code is written in AutoIT language, the main functions have been obfuscated to make it difficult to analyze. After the computer is infected, they will use it to mine cryptocurrency, causing the computer to always lag without understanding why.
When entering the computer, the malicious code will retrieve and send information to the computer to the address hxxp://ojoku.bigih.bid/api/cherry/login.php.
Next, the malicious code downloads and installs a malicious extension into the user's browser. This extension continues to spread malware files in video format to the infected person's friends. Then, this malicious code loads the other extension into folders such as desktop, taskbar, program.... by writing the Chrome Shortcut file.
Finally, the malware will restart Chrome for the extension to work and spread another type of malware used to mine cryptocurrencies, " Coin Minner ".
If you accidentally click on a malicious file, quickly edit the Hosts file on your computer and add the following lines:
127.0.0.1 ojoku.bigih.bid 127.0.0.1 plugin.ojoku.bigih.bid
If anyone does not know how to access the Host file on their computer, please refer to the following article:
In addition, as soon as you discover that your computer has been infected with malware, you need to use another device to immediately change your Facebook password and log out of your entire Facebook account on the infected computer.
Instructions for removing malicious code from your computer
According to the way CyRadar experts recommend, you can check if your computer is infected by: opening the Chrome browser, entering the following content in the address bar: chrome://extensions/ and pressing Enter, If this tab is automatically closed, the computer is infected.
If you can't remove it by deleting the file normally (or don't know much about technology), use some specialized anti-virus software to "handle" it in this case. Some current antivirus software that can remove this "money mining" malware include: Avast (trial version) or Kaspersky Antivirus. Before scanning for viruses, remember to update the latest virus list form!
However, the above methods are only solutions when encountering problems with Facebook malicious code. The best way to prevent is when receiving any strange files from friends or strangers, do not rush to click on them. In addition, you should also refer to the article on how to avoid reading fake news on Facebook so you don't "fall into the trap" of any scams.
Instructions for creating and searching for draft articles on Facebook. Currently, we can save articles that we have created but have not yet posted on Facebook. Here, WebTech360 invites
Instructions for checking who has viewed your Facebook Story. To know who has viewed your newsletter on Facebook, today WebTech360 will introduce a tutorial article.
Instructions for separating photo backgrounds on your phone using Mojo Cut. Mojo Cut is an extremely useful live background separation application. Here we invite you to refer to it.
Instructions for installing and swapping faces using the Reface application. Reface is an extremely interesting video creation application that swaps the user's face with the main character.
How to set up LibreOffice Writer to work like Microsoft Word, If you're planning to switch from Microsoft Word to LibreOffice Writer but want a similar experience
Instructions for inserting affiliate links into Instagram Stories. Most recently, Instagram allows users to attach affiliate links to their images and videos posted to the newsletter. Day
Instructions for turning off saving videos on TikTok are extremely simple, to help people block others from downloading and saving their videos simply and easily. So today, WebTech360
How to permanently delete Discord account, How to delete Discord account on phone and computer is not difficult. Below are detailed step-by-step instructions for deleting a Discord account.
How to create a GIF fireworks greeting card for the new year 2021, To help everyone create a happy new year card to send to friends and relatives, then
Instructions for creating transparent song frames. Today WebTech360 will introduce to everyone the steps to create beautiful and impressive transparent song frames.
Instructions for creating genealogical charts and organizing them on Google Sheets. Google Sheets is an online office application that helps us easily edit online spreadsheets,
Instructions for registering a Clubhouse account, Clubhouse is an audio chat social network, allowing users to organize and participate in audio chats with many people.
Instructions for setting up Privacy for TikTok accounts. Like other social networks, TikTok also allows users to turn on Privacy mode for their accounts.
How to beat the drum to open the school year 2023 - 2024, How to beat the drum to open the school year 2023 - 2024 will give very detailed instructions on how to beat, the types of drumming and pages.
How to convert a photo to black and white but keep one color in Photoshop, How to make a photo black and white, except for one color in Photoshop is not difficult. Here are the details
Instructions for creating styles for messages on Viber. Recently, Viber has launched the feature to set font styles when texting. Next, WebTech360 invites you to join us
Instructions for making a chip-embedded Citizen Identification Card at home on Zalo. Currently, we only need to perform a few simple steps on Zalo to be able to register as a chip-embedded Citizen Identification Card.
Instructions for viewing song lyrics on Youtube, Today, WebTech360 will introduce an article on instructions for viewing song lyrics on Youtube, please refer to it.
How to import and manage multiple email accounts in Gmail, Want to manage all emails in Gmail? Let's learn how to manage and add multiple accounts with WebTech360
Instructions for using Mocha AE to track motion. Mocha AE helps users track motion when editing videos easily. Below is how to use Mocha AE.
