Malware ads with fake Windows themes spread on Facebook

Facebook is widely used to spread malware, and in the past the focus has been on attracting clicks with fake news and inappropriate material. Now the attackers have changed tactics and more often use Windows themes and software as lures to spread information-stealing malware.

Security researchers at Trustwave have discovered campaigns in which ads are used to distribute the SYS01 malware, which scrapes your computer for information. In addition to Windows themes, the lures include free games and activation of Microsoft Office or Photoshop. The ads are promoted via newly created or hijacked Facebook pages. When users click on the ads, they are sent to web pages that pretend to offer the advertised software.

Examples of Facebook ads.

When users download the applications or themes, they receive a ZIP file containing the SYS01 malware. This malware uses a combination of executables and scripts to bypass Windows Defender and steal data, primarily browser cookies, saved login details and browsing history. The stolen data is temporarily stored on the computer before it is sent to the criminals behind the software.

According to Trustwave, these campaigns are widespread, with thousands of ads for each campaign. Similar campaigns have also appeared on LinkedIn and YouTube.

Important to protect yourself

To protect yourself, it’s important to be careful about which ads and links you click, especially if they offer free software or theme downloads.

You can also protect yourself by keeping your security software up to date and by not downloading files from unknown or suspicious sources. In short: common sense on the internet is essential.

You don’t click on shady links, do you?

Source: www.sweclockers.com