Facebook Business Accounts Are Getting Compromised by New Malware

It seems like a new type of malware pops up practically every other day, and this latest strain happens to be targeting Facebook Business accounts in particular. The Meta owned social media platform has been attempting to compete with LinkedIn by offering users the chance to develop professional networks. In spite of the fact that this is the case, these efforts are being hampered by the latest malware that has broken onto the scene.

This comes from a new report that was released by Unit 42 which revealed that the malware is named NodeStealer. With all of that having been said and now out of the way, it is important to note that it is a Python based alteration of the initial NodeStealer malware which was written in JavaScript.

Malicious actors are attempting to sell unsuspecting and unwary users on ostensibly professional budget tracking options that supposedly utilized Excel and Google Sheets. Offering business related tools make sense because of the fact that this is the sort of thing that could potentially end up reeling in users that require such helpful services.

However, if you were to click on the link, you would be taken to a Google Drive account wherein the malware would be contained within a .ZIP file. Not only will this archive execute the malware itself, but it would also deploy BitRAT XWorm and other forms of malware. Furthermore, Windows users will find their Windows Defender disabled, thereby making it easier for the malware to run amok than might have been the case otherwise.

Another downside of the presence of this malware on your system is that it would install the digital wallet add-on known as MetaMask which will allow it to use your system’s resources to steal cryptocurrency. Meta has already been plagued with malicious ad campaigns that market these services to users only for them to have their log in credentials and browsing cookies stolen.

More steps must be taken to mitigate the effects of this malware. Until then, users must avoid clicking on links sent to them by unknown accounts no matter what is being offered.

Read next: 88% of Firms Are Worried About VPN Vulnerabilities
Previous Post Next Post