There is a new malware circulating on the internet right now. It hacks social media accounts, steals login credentials and mines cryptocurrency using victims' devices.
The information comes from researchers in its Advanced Threat Control Team (ATC). Bitdefender, η οποία ανακάλυψε ένα νέο είδος κακόβουλου λογισμικού που ονομάζεται S1deload Stealer. Malware tries to avoid detection by security programs by using DLL sideloading (DLL sideloading). In the second half of 2022, malicious users managed to infect hundreds of users.
Bitdefender products detected more than 600 unique users infected with this malware from July to December 2022, said Dávid Ács, researcher at Bitdefender.
The malware must be downloaded and executed by the victims themselves. It is hidden in archives (.zip files) that allegedly contain adult content. When victims downloaded and ran the "content", they didn't find what they were looking for, but instead infected their devices with an infostealer.
What the malware can do:
First, it can download a headless Chrome browser that runs in the background.
It opens YouTube videos and Facebook posts to increase their views.
It can also download and run an infostealer that decrypts login credentials stored in browsers, as well as session cookies operation.
Facebook accounts, he tries to analyze them. It looks to see if the account manages Facebook pages or groups, pays for ads, or is linked to a business manager account.
The malware can also download, install and run a cryptocurrency miner and mine the cold currency BEAM for hackers.
Incidentally, hackers can also use the stolen credentials to spam social media and try to infect even more people.
Moral lesson of history: don't download things you don't know from the internet.