Social media platforms offer financially motivated threat actors opportunities for large-scale attacks by providing a vast user base to target with:-
These platforms allow attackers to exploit trust and personal information shared by users, making it easier to craft convincing scams and lure victims into financial traps.
Moreover, the anonymity and global reach of social media make it challenging to trace and prosecute these threat actors effectively.
Cybersecurity analysts at Bitdefender recently discovered that hackers are actively exploiting Facebook Ads to hack Facebook accounts with malware.
Fraud and cyber threats are everywhere on social media, and that’s why users must stay updated on new tricks to protect their:-
To achieve their illicit goals, threat actors exploit ad networks to deceive users since ad networks are one of the best mediums to do so.
Security researchers at Bitdefender Labs have closely monitored the threat actors exploiting social media for malvertising.
They aim to hijack accounts and steal data with malicious software. Malvertising misuses legitimate ad tools, spreading infected links through enticing tricks.
Researchers found 10 hijacked business Facebook accounts spreading malicious ads with NodeStealer.
Attackers created fake profiles using media files, and they ran 140 malicious ad campaigns, cycling through 5 ads to evade detection.
Ads featuring young women’s photos lure victims to download a malicious payload. Each click triggers an archive download, potentially 100,000 times.
However, apart from this, some ads hit 15,000 downloads in 24 hours, mainly affecting males over 45.
In 2023, Meta found NodeStealer, an info-stealer enabling mass account takeovers. Initially linked to Vietnamese threat actors, it targets business users via Facebook Messenger with a custom-built JavaScript tool.
Here below, we have mentioned all the browsers for which this stealer is primarily designed to steal cookie sessions:-
Here below, we have mentioned all the recommendations offered by the cybersecurity researchers:-
Protect yourself from vulnerabilities using Patch Manager Plus to patch over 850 third-party applications quickly. Try a free trial to ensure 100% security.
The LightSpy threat actor exploited publicly available vulnerabilities and jailbreak kits to compromise iOS devices.…
White House National Cyber Director, CEOs, Key Financial Services Companies, Congressional and Executive Branch Experts…
Cybersecurity experts have identified a new Remote Access Trojan (RAT) named PySilon. This Trojan exploits…
The notorious Konni Advanced Persistent Threat (APT) group has intensified its cyber assault on organizations…
Google has updated its Chrome browser, addressing critical vulnerabilities that posed potential risks to millions…
WrnRAT is a new malware attack that cybercriminals have deployed by using popular gambling games…