A new piece of malware that takes the form of fake extensions for Google Chrome and Mozilla Firefox which in turn hijack Facebook, Twitter, and Google+ accounts has been discovered. Users of these browsers and social networks are lured into downloading what they think is a video player update. To make matters worse, the threat is digitally-signed.
The malware, which was first discovered by security firm Trend Micro, is detected as TROJ_FEBUSER.AA. It installs a browser extension for Chrome and an add-on for Firefox, but doesn’t adapt itself to Internet Explorer, Safari, nor Opera.