Scammers have started distributing malicious programs disguised as extensions for VKontakte, which allegedly improve the social network's appearance and functionality. This was reported by the "Narodny Front. Analitika" department.
These are browser extensions that offer to customize the interface, add new features, or change the page design. After installation, such add-ons gain access to the user's session, can automatically subscribe a person to communities, and collect personal data.
According to Galaktion Kuchava, an expert in the field, attackers continue to use another scheme – fake house chats. The user is added to an alleged "residents' chat," where most of the participants are actually bots.
Next, the person is persuaded to undergo "data verification" through "Gosuslugi" and asked to send a code from an SMS. Upon receiving it, scammers can gain access to the victim's account.
Experts advise against installing dubious browser extensions and to carefully check any requests for confirmation codes.