Hackers are using Facebook ads to infect Windows PCs with password-stealing malware — how to stay safe
Hackers target weak Windows PCs on Facebook with bogus adverts to obtain passwords.
Trustwave security experts have found multiple new campaigns that leverage bogus Windows themes and unlicensed game and software downloads to fool Facebook users into clicking on their harmful adverts, according to BleepingComputer. Create new Facebook business accounts or hijack existing ones.
Learn about this new effort and how to protect your Windows PC from infection here.
Passwords and Facebook info theft
The hackers behind this new assault removed thousands of advertisements in each campaign, according to Trustwave. The top movement “blue-softs” had 8,100 advertisements, while “xtaskbar-themes” had 4,300.
Clicking on one of these phony adverts leads to malicious Google Sites or True Hosting sites that seem like download pages for Facebook themes or applications. These sites post a download button that downloads a ZIP file named after the offered goods.
As expected, these ZIP packages include the 2022 Morphisec-discovered SYS01 info-stealing malware. The virus installs and steals data from a targeted Windows PC via executables, DLL files, PowerShell scripts, and PHP scripts.
SYS01 steals browser cookies, passwords, and browsing history. Additionally, it uses Facebook cookies on an infected device to retrieve a victim’s name, email, birthdate, and other Facebook profile data.
Trustwave has seen similar malvertising operations on YouTube and LinkedIn, so be wary even if you’re not on Facebook.
How to avoid malware
The only way to prevent this campaign and others like it is to avoid clicking on advertising.
To be secure, avoid clicking on advertising because hackers may buy ad space just like legal businesses. Even the FBI promotes ad-blocking.
If you find an ad you like, you search for the item or go to the company’s website to buy it. It would help if you used the greatest antivirus software while interacting with internet ads to avoid malware and other infections.
Faced with fraudulent advertising on Google and Facebook, both businesses are working to stop them. Be careful where you click and avoid downloading from unknown sites and sources online for now.
Thank you for reading this post, don't forget to follow my whatsapp channel
Discover more from TechKelly
Subscribe to get the latest posts sent to your email.