Subj : Facebook says it stamped out some dangerous account-stealing malw
To   : All
From : TechnologyDaily
Date : Thu May 04 2023 15:15:03

Facebook says it stamped out some dangerous account-stealing malware

Date:
Thu, 04 May 2023 14:04:21 +0000

Description:
Vietnamese hackers were going after Facebook user cookies and using the 
accounts to run malicious ad campaigns.

FULL STORY
======================================================================

Social media powerhouse Facebook says it has thwarted a cybercrime campaign 
in which hackers were stealing peoples session cookies and using certain 
accounts to run malicious advertising campaigns on the platform. 

In a blog post , Facebook said it discovered an infostealer called 
NodeStealer being distributed throughout the platform. NodeStealer is a 
malware written in JavaScript and executed through Node.js, whose goal is to 
scan the target endpoint for session cookies for platforms such as Facebook, 
Gmail, or Outlook. 

By exfiltrating session cookies, threat actors are able to access peoples 
accounts without knowing their login credentials. Cookies also allow them to 
bypass multi-factor authentication, too, making them extremely potent and a 
popular target among identity theft criminals. Running ads 

Once they gain access to an account, the attackers would look for Facebook 
profiles that can run advertising campaigns. They would use these accounts to 
push misinformation or guide other Facebook users to more 
malware-distributing websites. 

After learning of the campaign, the social media giant reported the hackers 
server to the domain registrar, which took it down on January 25, 2023, it 
was said. The campaign was live for roughly two weeks, they said, adding that 
the threat actors were most likely of Vietnamese origin. Read more 

> Half of Americans accept all cookies despite the security risk 


 > Google pushes back deadline for killing off tracking cookies in Chrome 


 > Keep your devices safe with the best malware removal tools out there 

Cookies have become a major liability in recent times, which is why Google 
announced plans to ditch them from web browsers altogether. However, a report 
from early February this year states that users shouldnt expect anything 
concrete before late 2024 or early 2025. 

Googles project Privacy Sandbox hopes to phase out third-party cookies and 
limit covert tracking, but this involves building new technologies, working 
with publishers and developers, and collaborating with the entire industry, 
which seems to be taking a long time. By previous calculations, third-party 
cookies should have been gone by the end of last year. Then, Google said it 
had pushed its deadline to the end of 2023. Now, though, were looking at the 
end of 2024. Here's our take for the best firewalls right now



======================================================================
Link to news story:
https://www.techradar.com/news/facebook-says-it-stamped-out-some-dangerous-acc
ount-stealing-malware


--- Mystic BBS v1.12 A47 (Linux/64)
 * Origin: tqwNet Technology News (1337:1/100)

.