Microsoft has discovered a new malicious Chrome extension and Firefox add-on that can hijack Facebook accounts.
The malware, detected by the firm as Trojan:JS/Febipos.A checks to see if the current users is logged in to Facebook and attempts to download a configuration file that includes a list of commands.
Microsoft found that the trojan is capable of liking pages, sharing content, posting on people’s profiles, commenting on other posts, joining groups, inviting friends to groups and even chatting with people on your friends list.
The threat seems to be currently focused on targeting Facebook users in Brazil, but Microsoft is warning users to make sure they only install extensions and add-ons from trusted sources.
It does not appear that there is any equivalent malware targeted at Internet Explorer or Safari.