Cybersecurity Experts Uncover Deceptive Ad Campaign on Facebook
Cybersecurity experts have flagged another advertising campaign on Facebook that lures users into installing malware on their Windows devices.
The Trustwave SpiderLabs team has revealed how an anonymous individual created a Facebook campaign for digital advertising jobs.
Individuals who click on this link are directed to a PDF file containing a 'Access Document' button. Clicking the button initiates a series of actions that activate a program called Ov3r_Stealer, designed to steal information.
Trustwave SpiderLabs detailed in their report that this malware is crafted to steal passwords and crypto wallet information, sending this data to a Telegram channel where the anonymous perpetrator retrieves it.
Aside from harvesting passwords and crypto wallet data, Ov3r_Stealer can also pilfer information based on IP addresses, hardware details, cookies, credit card data, auto-fills, browser extensions, Microsoft Office documents, and installed antivirus software on Windows devices.
According to Trustwave, this malware, recently reported, has been potentially rebranded from a previous threat named Famidroon to Ov3r_Stealer. However, the key distinction is that Famidroon was coded in C#.
Conclusion
Facebook users should exercise caution when encountering job advertisements online, especially those that require downloading files or clicking suspicious links. Staying informed about cybersecurity threats can help prevent falling victim to such scams.