New malware exploits users’ YouTube and Facebook accounts
The info comes from researchers in Bitdefender’s Advanced Threat Control Team (ATC), who found a new strain of malware named S1deload Stealer. The malware tries to avoid detection by antivirus programs by using DLL sideloading. In the second half of 2022, its operators managed to infect hundreds of users. Bitdefender products detected more than 600 unique users infected with this malware between July and December 2022, Dávid Ács, a researcher at Bitdefender, stated.
The malware needs to be downloaded and run by the victims themselves. It was hidden in archives (.zip files) that allegedly contained adult content. When the victims downloaded and ran the “content”, they didn’t find what they were looking for but instead got their devices infected with an infostealer.
Here’s what this malware is capable of. First, it can download a headless Chrome browser that runs in the background. It opens YouTube videos and Facebook posts and racks up views. It can also download and run an infostealer that decrypts login credentials saved in browsers, as well as session cookies.
When it comes to a Facebook account, it tries to analyze it. It checks whether the account administers any Facebook pages or groups, whether it pays for ads, and whether it’s linked to a Business Manager account. All in all, you can imagine this makes the account even more valuable.
And then it can go ahead and download, install, and run a cryptocurrency miner. It mines the BEAM cryptocurrency for the hackers. By the way, the hackers can also use the stolen credentials to spam on social media and try to infect even more machines.
A more technical explanation of the malware’s actions can be found in Bleeping Computer’s article. The moral of the story: don’t download shady things from the internet.