Skip to main content
  1. Home
  2. Computing
  3. News

Cryptocurrency mining bot spreading via Facebook Messenger in Chrome for desktop

By

Facebook Messenger
TechCrunch
Security firm Trend Micro reports that a cryptocurrency mining bot is now spreading through Facebook Messenger in Google’s Chrome browser for desktop. Called Digmine, it was first spotted in South Korea, and has since spread into Azerbaijan, the Philippines, Thailand, Ukraine, Venezuela, and Vietnam. The bot will likely show up in other regions soon given how fast it’s spreading.

The report doesn’t say how Digmine began spreading through Facebook Messenger, but it appears in the chat client as a non-embedded video file. When the recipient clicks on the file, the so-called video — which is actually an executable script — downloads components from a remote server to install a Chrome extension. This extension will either continue to stream a bogus video from a “decoy” website, or log onto Facebook to spread the malicious love to friends.

Recommended Videos

Typically, Chrome extensions can only be installed through the Chrome Web Store. But the Digmine setup bypasses this requirement by installing the extension through a command-line interface. During the installation process, the script will receive its configuration through the remote server, and instructions to either load the site hosting the bogus video — which contains additional configurations — or access Facebook if users have Chrome set to automatically log onto the social network.

“A known modus operandi of cryptocurrency-mining botnets, and particularly for Digmine (which mines Monero), is to stay in the victim’s system for as long as possible,” Trend Micro states. “It also wants to infect as many machines as possible, as this translates to an increased hashrate and potentially more cybercriminal income.”

While running, Digmine will silently mine for digital currency in the background as infected users surf the internet. The mining component, listed as codec.exe on the PC, is a modified version of an open-source Monero miner called XMRig. It remains in contact with a remote server as it silently generates the Monero coins.

But Digmine could be used for more than just mining Monero. Based on its design, hackers could eventually upgrade Digmine to completely hijack Facebook accounts. Since it is basically controlled by a remote “command” server, hackers could simply update the code to seize Facebook accounts accessed by infected PCs. Trend Micro provided its findings to Facebook, which immediately removed a large portion of the fake video links.

One sign of infection stems from the installation process. If you clicked on a Messenger video within Chrome, the browser will restart as the extension installs and loads. Moreover, browser-based cryptocurrency mining consumes large amounts of processing power, so your PC may feel sluggish, with your fans spinning at an unusually loud level.

In both cases, navigate to Chrome’s Customize and control button, and select More tools > Extensions in the drop-down menu. On the resulting page, trash every enabled extension that looks suspicious. Of course, the best way to avoid infection of any kind is to not click on files and links sent through Facebook Messenger. But given that friends you trust toss links back and forth every day, avoiding malware in that manner can be difficult.

Editors' Recommendations

Topics
Kevin Parrish
Kevin Parrish
Former Digital Trends Contributor
Kevin started taking PCs apart in the 90s when Quake was on the way and his PC lacked the required components. Since then…
Power up your tech game this summer with Dell’s top deals: Upgrade for a bargain
Dell Techfest and best tech on sale featured.

One of the best times to upgrade your tech stack, be it your desktop, a new laptop, or some high-resolution monitors, is when great deals are to be had. Well, I'm here to share that thanks to Dell's top deals, you can power up your tech game and have most of the summer to make it happen. Maybe you're happy with your current system or setup. That's excellent, but you're likely considering upgrading somewhere, and that's precisely what these deals are all about. Dell has a smorgasbord of deals on laptops, desktops, gaming desktops, monitors, accessories, and so much more. We'll call out a few of our favorite deals below, but for now, know that you should be shopping this sale if you're interested in anything tech-related.

 
What summer tech should you buy in Dell's top deals?

Read more
I love the MacBook Pro, but this Windows laptop came surprisingly close
Apple MacBook Pro 16 downward view showing keyboard and speaker.

There are some great machines in the 15-inch laptop category, which has recently been stretched to include the more common 16-inch laptop. The best among them is the Apple MacBook Pro 16, which offers fast performance for tasks like video editing and the longest battery life.

The Lenovo Yoga Pro 9i 16 is aimed not only at other 16-inch Windows laptops but also at the MacBook Pro 16. It offers many of the same benefits but at a lower price. Can it take a place at the top?
Specs and configurations

Read more
How to set an ‘Out of Office’ message in Microsoft Teams
Person using Windows 11 laptop on their lap by the window.

Many people use Microsoft Teams regularly to communicate with colleagues both inside of the office and remotely. It is considered one of the most efficient ways to ensure you can stay in contact with the people on your team, but what if you need to let people know you’re not readily available? Microsoft Teams has a method for you to set up an "Out of Office" status for your profile to let staff members know when you’ll be gone for the afternoon, for several days on vacation, or for an extended period.
Where do I go to set up my ‘Out of Office’ status for Teams?
It is important to note that your Microsoft Teams and Outlook calendars are synced. This includes your out-of-office status and automatic replies. So, whatever you set up in Microsoft Teams will reflect in Outlook. Similarly, you can set up your out-of-office status in Outlook, and it will be reflected in Teams; however, the former has a more straightforward instruction.

First, you can click on your profile icon in Teams and go directly to Schedule an out of office, as a shortcut. This will take you to the settings area where you can proceed. You can also click the three-dot icon next to your profile icon, then go to Settings > General, then scroll down to the bottom of the page. There, you'll find out-of-office settings and click Schedule.

Read more