Browser extensions associated with Google Chrome and Mozilla Firefox are being used to hack users' Facebook accounts, according to Microsoft researchers.
In a May 10 Microsoft Malware Protection Center blog post, Microsoft researcher Jonathan San Jose wrote that they had received reports about "malicious browser extensions" attempting to hack Facebook profiles.
Identified as the Febipos Trojan, the malware specifically targets Chrome and Firefox browsers and attempts to update itself, monitoring users to see whether they are logged into Facebook.
From there, the malware can do anything from like a page, share, post, join a group, chat to friends, post links or comment on a post on Facebook.
"At the time this blog was written, there were more users 'liking' and 'commenting' on the Facebook page that this malware uses – so there's a possibility that there are more people continuing to be infected," the blog post states.
The news highlights the importance of having a thorough security audit of your enterprise IT networks.
Cybercriminals can strike from anywhere, and having your security compromised by malicious malware such as this can pose a significant threat to sensitive data, whether it belongs to your customers or the organisation itself.
Regular penetration testing by a trusted security solutions provider can ensure that any vulnerabilities in your system are picked up before they can be exploited to the detriment of your organisation.