StressPaint: If any of you have used a Facebook painting app advertised as a stress reliever, you're at risk as it's an information-stealing malware connections as well as payment information if available on the account.
'StressPaint' first appeared a few days ago and has so far infected over 45.000 users of Facebook. The attacks seem to be specifically aimed at users who use Facebook pages and have a payment method set up in their account.
Revealed by the security company Radware. This malware seems to be spreading very fast all over the world with very high infection rates, and according to the researchers, it seems to have been "professionally developed".
StressPaint steals the victim's account information by duplicating it content των cookies του προγράμματος περιήγησης Chrome και των αρχείων ημερομηνίας σύνδεσης. Μόλις εντοπιστούν τα αποθηκευμένα διαπιστευτήρια του Facebook, αποστέλλονται σε ένα διακομιστή που έχει οριστεί από τους κακόβουλους δημιουργούς του.
With stolen credentials, additional information is gathered from the infringed account, such as the number of friends, whether the account manages a page or not, or whether a payment method is set up.
We believe the malware process is active in the system for less than a minute in specific cases, which helps malware remain undetectable.
At present, the attacks seem to be collecting data, but researchers say the stolen information could be used in many different ways, such as selling credentials underground. Forums, with blackmail of victims, for espionage, profit from stolen payment information and much more not at all pleasant.