Cybercriminals Exploit Social Media with Malvertising: NodeStealer Attacks Target Facebook Users
Bitdefender Labs, a leading cybersecurity company, has recently revealed the growing trend of cybercriminals exploiting social media networks for malvertising. These malicious advertising campaigns aim to hijack user accounts and steal personal data through the use of malicious software. With social media platforms offering vast opportunities for financially motivated threat actors to conduct large-scale attacks, it is crucial for users to remain vigilant and stay informed about the latest tricks used to compromise their account security, data, reputation, and finances.
The primary method employed by cybercriminals involves abusing the ad network to trick users into taking unwelcome actions. Malvertising campaigns take advantage of the tools and methods used by legitimate entities to distribute online ads. Cybercriminals submit infected links onto typical advertisement networks, enticing users to click on infected links through provocative enticements.
Bitdefender’s analysis focuses on how cybercriminals have adapted NodeStealer attacks, a type of malware used to steal browser cookies and login credentials, to exploit Meta’s ads network on Facebook. This allows them to compromise the privacy and security of Facebook users. The researchers discovered that cybercriminals are no longer interested in solely hijacking Facebook business accounts; they have expanded their attacks to target regular users as well.
To gain access to user accounts and systems, the threat actors abuse the ad credit balances of compromised business accounts. They create a Facebook page named ‘Album Update’ or similar, featuring revealing photos of young women. The attackers then run ads promoting fake new content and entice users with lewd album covers. These ads redirect users to Bitbucket or Gitlab repositories where a Windows executable poses as a photo album but instead deploys newer versions of NodeStealer onto the user’s device.
Once the cybercriminals gain access to users’ cookies, they take over Facebook accounts and gain access to sensitive information. From there, hackers can change passwords, add additional security measures, and commit various forms of fraud. These attacks allow cybercriminals to fly under the radar by evading Meta’s security defenses.
To defend against NodeStealer malware, users are advised to use a reliable security solution on their devices and keep it up to date. This includes anti-malware and anti-virus software that can detect and remove or block malware. Additionally, users should exercise caution and practice good cyber hygiene. It is crucial to be cautious when clicking on unsolicited links associated with alarming notices or ads that prompt the download of provocative media files.
In light of this campaign, Facebook users should be wary of ads suggesting the download of photo albums from Bitbucket, Gitlab, or Dropbox. By staying informed and adopting necessary security measures, users can protect themselves from falling victim to these malicious attacks.
Bitdefender, a trusted cybersecurity solutions provider, remains committed to defending organizations and individuals worldwide against cyberattacks, enhancing their digital experiences. For more information about Bitdefender’s cybersecurity solutions, visit bitdefender.com.au.
