• Password-stealing malware targets thousands of Facebook business

    From TechnologyDaily@1337:1/100 to All on Tue Sep 12 15:00:04 2023
    Password-stealing malware targets thousands of Facebook business

    Date:
    Tue, 12 Sep 2023 14:41:18 +0000

    Description:
    Facebook Business account holders are being targeted with evasive malware designed to steal credentials.

    FULL STORY ======================================================================

    New research published by Guardio Labss Oleg Zaytsev has revealed the extent of ongoing Messenger-based attacks targeting business owners on Facebook in recent weeks.

    The surge in attacks is attributable to a Vietnamese-based group that has
    been seeing particular success in its campaign, succeeding in its bid to compromise around one account in every 70 it tries.

    According to Zaytsev, millions of businesses have already been targeted on
    the platform that has become known as one of the most cost-effective online trading and marketing methods. Facebook business owners warned of
    cyberattacks

    Rather than relying on the basic principles of phishing, whereby users willingly share their credentials via an illegitimate, malicious site, this campaign focuses on spreading malware designed to intercept these
    credentials.

    Zaytsev says that the attacks begin with messages from what look like prospective customers, which serve as a decoy to let the business owners guards down.

    Ultimately, the malicious stealer payload is deployed, targeting all browsers installed on a victims machine. The Python script is designed to obtain session cookies, which are then sent to the threat actors instant messaging channels - specifically, Telegram and Discord.

    Different message variations and Unicode characters are designed to create a multitude of individual messages as the threat actor seeks to avoid detection by Messengers built-in scanners.

    Zaytsev added that two particular pieces of evidence suggest the campaigns link to a Vietnamese group - a Vietnamese message that is sent to the
    Telegram bot and the inclusion of the Coc Coc browser in the list of browsers that are targeted - one that is especially popular in the country.

    Chrome , Firefox , Edge , Opera , Brave , and other Chromium-based browsers look to be affected by the script.

    The blog post ends with a message regarding the stark reality of our cyber landscape: vigilance is key in a world where you can never know where the
    next punch will come from.

    More broadly, users can follow good practices such as exercising caution with external links and monitoring online accounts for suspicious activity to protect their digital footprints. More from TechRadar Pro Keep your login details secure with the best password managers This Chrome extension can
    steal your passwords - and Google has no problem with it Spend a lot of time online? It may be worth considering the best endpoint protection software to help weed out potential threats



    ======================================================================
    Link to news story: https://www.techradar.com/pro/security/password-stealing-malware-targets-thous ands-of-facebook-business


    --- Mystic BBS v1.12 A47 (Linux/64)
    * Origin: tqwNet Technology News (1337:1/100)