There’s new spyware affecting Facebook and YouTube accounts, so be careful!
Researchers at Bitdefender's Advanced Threat Control (ATC) team discovered a new strain of malware known as S1deload Stealer and published the details summarised below. The malware uses DLL sideloading (having a legitimate, signed executable load a malicious DLL placed next to it) to evade detection by antivirus products. In the second half of 2022, its operators infected hundreds of users.
According to Dávid Ács, a researcher at Bitdefender, the company's products detected more than 600 distinct users infected with this malware between July and December 2022. The victims have to download and run the malware themselves: it was hidden in archive files (.zip) that purportedly contained adult content. When victims extracted and ran the "content," they did not get what they were looking for; instead they got an information stealer on their devices.
This is what the malware can do. First, it can download a headless version of Chrome that runs in the background and opens videos on YouTube and Facebook to artificially boost their view counts. It can also download and run an infostealer component that decrypts login credentials and session cookies saved in browsers. Whenever it gains access to a Facebook account, it analyses that account: it checks whether the account is linked to a Business Manager account, whether it pays for advertisements, and whether it administers any Facebook pages or groups.
Presumably, any of these makes the account even more valuable to the attackers. After that, the malware can download, install and run a cryptocurrency miner, which mines the BEAM cryptocurrency for the attackers' benefit. Note that the attackers could also use the stolen credentials to spam on social media and try to infect even more computers.
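Two of the behaviours described above leave traces a defender can hunt for: a DLL with a system-library name being loaded from the same user-writable folder as the executable that imports it (the DLL sideloading pattern), and a headless browser being spawned by a program that runs out of a temp or download directory. The following is an added example, written for this article and not Bitdefender's code or any published S1deload indicators. It runs two such heuristics over constructed, Sysmon-style process-creation (event 1) and image-load (event 7) records; the directory markers, the list of system DLL names and every path in the sample events are assumptions made for the demonstration.

```python
"""Hunting heuristics for the S1deload-style behaviour described above.

Added example, not Bitdefender's tooling. Event records are constructed
dictionaries whose field names follow Sysmon's ProcessCreate (EventID 1)
and ImageLoad (EventID 7) conventions.
"""
from __future__ import annotations

import ntpath
from typing import Iterable

# Directories where Windows keeps the DLLs that user-mode programs normally
# import. A DLL with one of these names loaded from anywhere else is the
# classic sideloading pattern.
SYSTEM_DIRS = ("c:\\windows\\system32\\", "c:\\windows\\syswow64\\")

# Constructed stand-in for "names of DLLs that live in System32". A real
# detector would build this set from the host or from a golden image.
KNOWN_SYSTEM_DLLS = {"version.dll", "userenv.dll", "dbghelp.dll", "wtsapi32.dll"}

# Locations writable without elevation; a legitimate installer rarely runs
# its main binary from here, but an extracted .zip archive lands here.
USER_WRITABLE_MARKERS = ("\\appdata\\local\\temp\\", "\\downloads\\", "\\users\\public\\")


def _norm(path: str) -> str:
    """Normalise a Windows path for comparison (backslashes, lower case)."""
    return path.replace("/", "\\").lower()


def in_user_writable_dir(path: str) -> bool:
    """True if the path sits under one of the user-writable markers."""
    p = _norm(path)
    return any(marker in p for marker in USER_WRITABLE_MARKERS)


def is_sideload(event: dict) -> bool:
    """ImageLoad event: a system-named DLL loaded from a non-system directory
    that is also the directory of the importing executable, and that
    executable itself runs from a user-writable location."""
    if event.get("EventID") != 7:
        return False
    dll = _norm(event["ImageLoaded"])
    if ntpath.basename(dll) not in KNOWN_SYSTEM_DLLS:
        return False
    if dll.startswith(SYSTEM_DIRS):
        return False  # loaded from where it belongs
    exe_dir = ntpath.dirname(_norm(event["Image"]))
    return ntpath.dirname(dll) == exe_dir and in_user_writable_dir(exe_dir)


def is_hidden_browser(event: dict) -> bool:
    """ProcessCreate event: a browser started headless by a parent process
    that runs from a user-writable directory (the view-boosting behaviour)."""
    if event.get("EventID") != 1:
        return False
    if "--headless" not in event.get("CommandLine", "").lower():
        return False
    return in_user_writable_dir(event.get("ParentImage", ""))


def scan(events: Iterable[dict]) -> list[tuple[str, str, str]]:
    """Return (finding, actor, object) triples for every suspicious event."""
    findings: list[tuple[str, str, str]] = []
    for event in events:
        if is_sideload(event):
            findings.append(("dll_sideload", event["Image"], event["ImageLoaded"]))
        elif is_hidden_browser(event):
            findings.append(("headless_browser", event["ParentImage"], event["Image"]))
    return findings


# Constructed sample telemetry: two benign events and two suspicious ones.
SAMPLE_EVENTS = [
    # benign: system DLL loaded from System32 by a program in Program Files
    {"EventID": 7, "Image": r"C:\Program Files\Tool\tool.exe",
     "ImageLoaded": r"C:\Windows\System32\version.dll"},
    # suspicious: an app extracted to Downloads loads a DLL named like a
    # system DLL from its own directory
    {"EventID": 7, "Image": r"C:\Users\alice\Downloads\album\AlbumViewer.exe",
     "ImageLoaded": r"C:\Users\alice\Downloads\album\version.dll"},
    # benign: a developer runs headless Chrome from a shell
    {"EventID": 1, "Image": r"C:\Program Files\Google\Chrome\Application\chrome.exe",
     "CommandLine": "chrome.exe --headless --dump-dom https://example.test",
     "ParentImage": r"C:\Windows\System32\cmd.exe"},
    # suspicious: headless browser spawned by a binary running from Temp
    {"EventID": 1, "Image": r"C:\Users\alice\AppData\Local\Temp\chrome\chrome.exe",
     "CommandLine": "chrome.exe --headless --disable-gpu https://example.test/video",
     "ParentImage": r"C:\Users\alice\AppData\Local\Temp\svc.exe"},
]

if __name__ == "__main__":
    for finding in scan(SAMPLE_EVENTS):
        print(finding)
```

Both heuristics are deliberately narrow so that they stay quiet on normal machines: the sideload check only fires when a system-named DLL is loaded from the importing executable's own folder and that folder is user-writable, and the headless-browser check ignores developers launching Chrome from a shell or an installed tool. In a real deployment the DLL-name set would come from the host's own System32 listing, and both checks would be fed from the endpoint telemetry pipeline rather than from embedded dictionaries.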