Subj : This new malware is going after Facebook Business accounts
To   : All
From : TechnologyDaily
Date : Wed Aug 02 2023 19:15:03

This new malware is going after Facebook Business accounts

Date:
Wed, 02 Aug 2023 18:00:06 +0000

Description:
A new variant of a known malware spotted targeting Facebook Business accounts.

FULL STORY
======================================================================

A new malware strain has been identified targeting Facebook business accounts 
and stealing their cryptocurrency, experts have revealed. 

A new report from Unit 42, the cybersecurity arm of Palo Alto Networks has 
identified the malware as NodeStealer, a Python variant of the malware 
originally written in JavaScript. 

To get people to install NodeStealer, hackers were reaching out via Facebook, 
offering fake professional budget tracking Microsoft Excel and Google Sheets 
templates. Given that the attackers were going after business accounts, its 
no wonder that they were trying to lure people in by offering 
business-related tools and assistance. Idle campaign 

The templates were hosted on Google Drive, residing in a .ZIP archive. The 
archive carried the NodeStealer executable which was also capable of 
deploying additional malware, such as BitRAT and XWorm, as well as disabling 
Microsoft Defender antivirus and stealing cryptocurrencies through the 
MetaMask browser addon wallet. 

The strain was used in a malicious campaign that started in December 2022, 
the researchers said, adding that its unlikely that the scheme is still 
ongoing. 

NodeStealer was first spotted in May 2023 by Meta, when the company described 
it as a stealer that grabs cookies and passwords stored in browsers. 
NodeStealer was capable of compromising not just Facebook accounts, but Gmail 
and Outlook, too. Read more 

> Facebook says it stamped out some dangerous account-stealing malware 


 > Google pushes back deadline for killing off tracking cookies in Chrome 


 > Keep your devices safe with the best endpoint protection tools out there 

"NodeStealer poses great risk for both individuals and organizations," Unit 
42 researcher Lior Rochberger said. "Besides the direct impact on Facebook 
business accounts, which is mainly financial, the malware also steals 
credentials from browsers, which can be used for further attacks." 

Originally, the attackers were using Facebook business accounts to run 
malicious advertising campaigns on the platform, and lure the social networks 
users to third-party websites where theyd incentivize them to download 
malware or otherwise share sensitive information. Here's our take for the 
best ransomware removal right now



======================================================================
Link to news story:
https://www.techradar.com/pro/this-new-malware-is-going-after-facebook-busines
s-accounts


--- Mystic BBS v1.12 A47 (Linux/64)
 * Origin: tqwNet Technology News (1337:1/100)

.