Cheetah Mobile found that this iteration of the scam stems from an apparent vulnerability in Facebook’s app page. This vulnerability lets hackers implant viruses and malicious code into Facebook-based applications, which direct users to phishing sites, it said. This malware has already infected almost 10,000 computers around the world. Facebook reportedly fixed this malicious software that wrought havoc on multiple accounts before but the malware has resurfaced. Cheetah Mobile, confirmed this app infects devices by downloading malware that compromises users’ accounts. Cyber criminals target users’ accounts using applications that implant malicious codes embedded in viruses and malware. Users that fall victim to the app are then directed towards phishing sites. The color change malware keeps came back because it exploits a vulnerability in the app page itself in Facebook, allowing hackers to install malicious code and viruses into applications based on the social networking site. When users access the app through Facebook, they are redirected to phishing sites. And once on a phishing site, it is now possible for hackers to steal personal information off of the computer being used.
