Malicious advertising on Facebook executes SYS01 malware

A new way to steal personal data and hijack Facebook accounts is executed through malicious advertising that actually releases the dangerous SYS01 malware.

Through Facebook ads disguised as desktop themes and games, the SYS01 malware is released that takes over accounts and steals user data, according to the cybersecurity website Trustwave.

They have referred to a new malvertising campaign on Facebook that “uses ads offering Windows desktop themes, games and pirated software as a hook. By clicking, users download the SYS01 malware, designed to steal information and hijack social network accounts.”

The malware was identified in November 2022 and is known to “primarily target Facebook business accounts.” “This malware extracts browser data such as login credentials, browsing history, and cookies.”

Cyber​​attackers rely on ads for Windows desktop themes and games that are attractive to users, reaching a larger audience.

The site Trustwave, in its SpiderLabs threat intelligence study, discovered that this SYS01 campaign has been active since September of last year and remains on Facebook displaying fake ads such as “Awesome_Themes_for_Win_10_11.zip” or “Adobe_Photoshop_2023.zip”, which They contain the SYS01 malware that is installed using DLL executables, PowerShell scripts, and PHP.

Once the malware is installed on the computer, it “creates tasks and steals cookies, history and credentials saved in the browser, including cryptocurrency wallets.”

Significant damage occurs with the theft of the identity of the people behind the real accounts added to the financial damages.

M.Pino

Source: nacion

(Reference image source: Unsplash+, in collaboration with Getty Images)

Visit our news channel on Google News and follow us to get accurate, interesting information and stay up to date with everything. You can also see our daily content on Twitter and Instagram