The malicious Chrome extensions were uploaded to the official Google Chrome Web Store where Chrome users download as their browser add-ons. Once the fake Chrome extension is downloaded it has the ability to hijack Facebook accounts, apparently stealing Facebook information and using it to hijack Facebook accounts for whatever criminal intent the whack jobs have in mind.
Gizmodo even reported that the malicious Facebook-jacking extensions are even advertised on Facebook. The ads claim that it’s possible to change the color of your Facebook profile page, track profile pages and presumably add unicorns and vajazzling to it too. Of course, some unsuspecting tween might fall for it, get re-directed to the official Chrome Web Store page and assume all extensions are safe because they’re on the official Google page. Unfortunately, they’re not. The extension will hijack your Facebook account, spam your friends about this new extension and then Like pages without you knowing. It’s a dirty process done by people who sell Likes to companies, Gizmodo reported.
The malicious codes pretending to be legitimate Chrome extensions comes in different forms, one was even labeled as Adobe Flash Player. So it is highly important for anyone downloading extensions often for their browsers to double check the source of the extensions before downloading them before it’s too late. Remember, complaining to Facebook that your account was hacked takes weeks to be answered. I have once lost a Facebook page from hackers and I was not able to retrieve it until now.
The infected Chrome extensions were allegedly done by Brazilian hackers, according to UberGizmo. It was discovered by Kaspersky Lab that the malware-laden Chrome extensions are being uploaded to the official Chrome Store, and poses a great risk for Chrome users since, it is from Chrome store thus easily tricking them that it safe to download.
However, according to UberGizmo, the attack of Facebook accounts was largely reported in Brazil and Portuguese speaking nations, but there are no data yet if the malware infected extensions has also affected users from other countries.