There is a new strain of malware making the rounds on Facebook that packs a unique punch. Dubbed “Instant Karma” by researchers, the bug comes packaged in a fake software program that promises users the ability to hack other people’s profiles. In other words, the malware’s victims are themselves up to some pretty shady business.
Once a would-be hacker downloads the bug, it plants code into the background of the victim’s computer to steal their security credentials. And this malicious program doesn’t seem like it’s going away anytime soon. The research team behind the discovery, LMNTRX Labs, told TechCrunch the password stealer appears “very widespread and growing.”
“The attackers also seem to be sophisticated marketers who understand there is potentially big demand for the purported service,” the researchers said. “The target market goes beyond a typical hacker subset (if there is such a thing) and targets the general user who may be tempted to get inside someone’s Facebook account (friends, enemies, significant others, et al.).”
It’s hard to feel bad for wannabe hackers who fall for this trick; after all, they’re getting a taste of their own medicine. However, there’s no such thing as good malware, so hopefully Facebook eradicates it soon.