Malware hits Facebook and YouTube accounts

A new malware is on the way online right now. It violates accounts, steals credentials and mines cryptocurrencies using victims' devices.

malware death

The come from Bitdefender's Advanced Threat Control Team (ATC) researchers, who discovered a new type of malware called S1deload Stealer. Malware tries to avoid detection by security programs by using DLL sideloading (DLL sideloading). In the second half of 2022, malicious users managed to infect hundreds of users.

The of Bitdefender identified more than 600 unique users infected with this malware from July to December 2022, said Dávid Ács, researcher at Bitdefender.

The malware must be downloaded and executed by the victims themselves. It is hidden in files (.zip files) that are said to have adult content. When victims downloaded and ran the "content", they didn't find what they were looking for, but instead infected their devices with an infostealer.

What the malware can do:

First, it can download a headless Chrome running in the background.

It opens YouTube videos and Facebook posts to increase their views.

It can also download and run an infostealer that decrypts login credentials stored in browsers, as well as session cookies.

The Facebook accounts, he tries to analyze them. It looks to see if the account manages Facebook pages or groups, if it pays for or if it is connected to a business manager account.

Malware can also download, install and run a miner and mines BEAM cryptocurrency for hackers.

Incidentally, hackers can also use the stolen credentials to spam social media and try to infect even more people.

Moral lesson of history: don't download things you don't know from the internet.

iGuRu.gr The Best Technology Site in Greecefgns

every post, directly to your

Join the 2.100 registrants.
Facebook, youtube, malware

Written by giorgos

George still wonders what he's doing here ...

Leave a reply

Your email address is not published. Required fields are mentioned with *

Your message will not be published if:
1. Contains insulting, defamatory, racist, offensive or inappropriate comments.
2. Causes harm to minors.
3. It interferes with the privacy and individual and social rights of other users.
4. Advertises products or services or websites.
5. Contains personal information (address, phone, etc.).