Cyber-security firm McAfee is reporting about a sudden surge in detections for Faceliker, a malware strain that can take over browsers and manipulate Facebook "likes" on the behest of a remote party in order to promote social media trends, fake news, and other content.
The malware is usually packed in rogue browser add-ons, and specifically Chrome extensions. Users are lured to pages that promote these rogue extensions, either using email or Facebook Messenger spam.
McAfee says it detected a sudden rise in Faceliker detections during Q2 2017, which is no surprise, since Bleeping Computer's Lawrence Abrams observed a similar noticeable increase in rogue Chrome extensions during the same period, some of which come with even more malicious features, besides giving "likes" to predetermined Facebook stories.
According to statistics included in the McAfee Labs Threats Report: September 2017, Faceliker accounted for almost 8.9% of the 52 million new malware samples detected in the second quarter of 2017, being one of the key driving forces behind the 67% increase in desktop malware detections for that same period.
While Faceliker is a generic term used to describe malware that gives Facebook likes, users should be aware that malware never stands still.
Most of today's browser hijackers, besides giving Facebook likes, are also equipped with the ability to steal passwords, promote content on other networks, or insert ads or popups on top of legitimate pages.
Facebook offers an activity log for all user accounts. Users who notice strange likes for content they don't usually "like" should search their browser for extensions they don't remember installing, scan their computer with a security product, or reach out for help to a professional.