Connect with us

FACEBOOK

Facebook accounts hit with malicious ad attack with dangerous malware

Published

on

Facebook accounts hit with malicious ad attack with dangerous malware

In an alarming revelation, Bitdefender Labs has uncovered a sinister turn in cybercrime tactics on Facebook. Hackers are using a new virus called NodeStealer to steal your cookies and passwords. It’s a sneaky piece of code that runs on JavaScript and Node.js, and it can grab your web browser data and use it to hack into your Facebook account.

How NodeStealer works

How do they do it? Well, they use cunning malvertising campaigns, which are fake ads that look like they’re from Meta, the company that owns Facebook. When you click on these ads, you’re actually downloading the NodeStealer virus, which then starts to spy on your online activity.

CLICK TO GET KURT’S FREE CYBERGUY NEWSLETTER WITH SECURITY ALERTS, QUICK VIDEO TIPS, TECH REVIEWS, AND EASY HOW-TO’S TO MAKE YOU SMARTER

NodeStealer is a virus that seeks to steal information, like passwords, from Facebook users. (Credit: Bitdefender Labs)

MORE: DON’T FALL FOR THAT “LOOK WHO DIED” FACEBOOK MESSAGE TRAP

Advertisement

Provocative lure tricks people who are using Facebook

Hackers will post ads on Facebook with pictures of pretty girls, hoping to get you to click on them. But don’t fall for it. These ads are actually hiding a nasty virus that can steal your passwords and personal information.

Bitdefender researchers found that at least 10 Facebook accounts that belong to businesses have been hacked and used to spread these ads. The ads have a link that says, “Photo Album,” but when you click on it, you download a file that infects your computer. The file then gets access to your browser cookies and passwords, which lets the hackers get into your accounts.

MORE: DON’T FALL FOR THAT “LOOK WHO DIED” FACEBOOK MESSAGE TRAP 

Screenshot of an ad with malware.

Hackers post ads with women on Facebook in an attempt to lure people into clicking on them, thereby stealing their information. (Credit: Bitdefender Labs)

MORE: FOOLPROOF STEPS TO HELP PROTECT YOUR FACEBOOK ACCOUNT FROM HACKERS 

Disturbing spread of this attack

The sheer reach of these campaigns is deeply concerning. Bitdefender’s analysis estimates an astounding 100,000 potential downloads, with a single ad amassing up to 15,000 downloads within a mere 24-hour span. Demographically, males over 45 are the most impacted, highlighting the targeted nature of these attacks.

HOW TO FORWARD A VOICEMAIL FROM ANY SMARTPHONE

Advertisement
Three screenshots of the ads.

Males over 45 are most impacted by this malware campaign. (Credit: Bitdefender Labs)

MORE: DON’T FALL FOR THIS SNEAKY NOTIFICATION THAT’S FOOLING PEOPLE ON FACEBOOK AND INSTAGRAM 

How the Facebook ad malware threat is evolving into more elusive trouble

Originally identified by Meta’s security team in early 2023, NodeStealer has undergone a rapid and troubling transformation. The malware, initially devised to steal browser cookies and execute large-scale account takeovers, now boasts enhanced features enabling unauthorized entry into additional platforms like Gmail and Outlook. Its expanded capabilities even extend to stealing crypto wallet balances and downloading further malicious payloads.

AI BUZZKILL DETECTS ROWDY PARTIES IN AN AIRBNB RENTAL

Screenshots of dubious ads.

NodeStealer does not only hack your Facebook account but can spill over into other accounts, like Gmail and Outlook. (Credit: Bitdefender Labs)

MORE: THE DARK WORLD OF FACEBOOK ADS WHERE SCAMMERS ARE TRYING TO STEAL YOUR MONEY 

How the attack unfolds

The attackers’ modus operandi is both clever and calculated. Utilizing ad credit balances from hijacked business accounts, they run ads that distribute the NodeStealer malware to a specifically chosen group of people.

They establish Facebook pages with names like “Album Update” or “Hot Album Update Today,” alluring users with the promise of exclusive, risqué content. Yet, the promised “albums” are merely a façade for spreading NodeStealer malware.

Advertisement

HOW TO ASSOCIATE A RINGTONE WITH ONE OF YOUR CONTACTS ON YOUR PHONE

Example of the fake album update.

Hackers use the allure of risqué content to entice Facebooks users to click on ads. (Credit: Bitdefender Labs)

MORE: TROUBLING MALWARE THREAT SPREADING ON FACEBOOK 

Understanding what kind of damage this attack is capable of

When NodeStealer compromises your device, it doesn’t just sit idly; it paves the way for cybercriminals to hijack your Facebook account and delve into your sensitive information. This breach can escalate quickly, with hackers potentially altering passwords and implementing additional security measures to lock you out of your own account.

The consequences can range from financial theft to identity fraud, with criminals using the stolen accounts to ensnare more victims, all while evading Meta’s security measures.

HOW TO PROTECT YOUR APPLE IPHONE FROM CYBERATTACKS WITH LOCKDOWN MODE

Screenshot of a fake profile.

Some of the consequences of this malware include financial theft and identity fraud. (Credit: Bitdefender Labs)

MORE: HOW SCAMMERS ARE SELLING COUNTERFEIT STAMPS ON FACEBOOK ADS 

Advertisement

How to protect yourself from this persistent malware attack

To detect and defend against NodeStealer’s nasty threat, you should adopt a multi-layered approach:

Implement robust security solutions from good antivirus protection: The cornerstone of digital defense is to have a reliable security solution installed on your device. Having good antivirus software actively running on your devices will alert you of any malware in your system, warn you against clicking on any malicious links in phishing emails, and ultimately protect you from being hacked. Review of the 2023 Best Antivirus Protection here.

Practice good cyber hygiene: Exercise caution in your digital interactions. Refrain from clicking on unsolicited links, particularly those associated with alarming notifications or ads urging you to download enticing media files.

Beware of suspicious ads: Specifically, for this NodeStealer campaign, you should be wary of any ad prompting the download of photo albums, especially if the source is Bitbucket, Gitlab, or Dropbox. Such ads are likely traps set by cybercriminals to deploy NodeStealer malware onto your device.

Scrutinize unusual account activity: Keep an eye out for any unusual activity on your accounts. Unexpected password-reset emails, unrecognized logins, or uninitiated security changes can be red flags signaling a compromised account.

Educate and inform: Share your knowledge about these threats with friends and family. The more informed people are, the less likely they are to fall victim to these schemes. Sign up for my security alerts by subscribing to my CyberGuy Newsletter here.

Advertisement

GET MORE OF MY SECURITY ALERTS, QUICK TIPS & EASY VIDEO TUTORIALS WITH THE FREE CYBERGUY NEWSLETTER – CLICK HERE

Kurt’s key takeaways

The evolution of NodeStealer attacks on Facebook is a stark reminder of the ongoing arms race between cybercriminals and security professionals. The proactive adoption of robust cybersecurity practices is our best defense in this digital age.

Remain alert to the ever-changing landscape of online threats, as illustrated by the provocative malvertising campaigns currently exploiting Facebook’s vast network. You have to take proactive security on all of your connected technology seriously, as we’ve learned that we cannot rely on big tech or Uncle Sam to protect us from these growing threats.

How will the rise of sophisticated malware like NodeStealer change your approach to online security, and what steps do you plan to take to protect your digital identity on platforms like Facebook? Let us know by writing us at Cyberguy.com/Contact

For more of my tech tips and security alerts, subscribe to my free CyberGuy Report Newsletter by heading to Cyberguy.com/Newsletter

Ask Kurt a question or let us know what stories you’d like us to cover

Advertisement

CLICK HERE TO GET THE FOX NEWS APP

Answers to the most asked CyberGuy questions:

●     What is the best way to protect your Mac, Windows, iPhone and Android devices from getting hacked?

●     What is the best way to stay private, secure and anonymous while browsing the web?

●     How can I get rid of robocalls with apps and data removal services?

Copyright 2023 CyberGuy.com. All rights reserved.

Advertisement

Source link

Keep an eye on what we are doing
Be the first to get latest updates and exclusive content straight to your email inbox.
We promise not to spam you. You can unsubscribe at any time.
Invalid email address

FACEBOOK

Facebook Faces Yet Another Outage: Platform Encounters Technical Issues Again

Published

on

By

Facebook Problem Again

Uppdated: It seems that today’s issues with Facebook haven’t affected as many users as the last time. A smaller group of people appears to be impacted this time around, which is a relief compared to the larger incident before. Nevertheless, it’s still frustrating for those affected, and hopefully, the issues will be resolved soon by the Facebook team.

Facebook had another problem today (March 20, 2024). According to Downdetector, a website that shows when other websites are not working, many people had trouble using Facebook.

This isn’t the first time Facebook has had issues. Just a little while ago, there was another problem that stopped people from using the site. Today, when people tried to use Facebook, it didn’t work like it should. People couldn’t see their friends’ posts, and sometimes the website wouldn’t even load.

Downdetector, which watches out for problems on websites, showed that lots of people were having trouble with Facebook. People from all over the world said they couldn’t use the site, and they were not happy about it.

When websites like Facebook have problems, it affects a lot of people. It’s not just about not being able to see posts or chat with friends. It can also impact businesses that use Facebook to reach customers.

Since Facebook owns Messenger and Instagram, the problems with Facebook also meant that people had trouble using these apps. It made the situation even more frustrating for many users, who rely on these apps to stay connected with others.

Advertisement

During this recent problem, one thing is obvious: the internet is always changing, and even big websites like Facebook can have problems. While people wait for Facebook to fix the issue, it shows us how easily things online can go wrong. It’s a good reminder that we should have backup plans for staying connected online, just in case something like this happens again.

Keep an eye on what we are doing
Be the first to get latest updates and exclusive content straight to your email inbox.
We promise not to spam you. You can unsubscribe at any time.
Invalid email address
Continue Reading

FACEBOOK

Christian family goes in hiding after being cleared of blasphemy

Published

on

Christian family goes in hiding after being cleared of blasphemy

LAHORE, Pakistan — A court in Pakistan granted bail to a Christian falsely charged with blasphemy, but he and his family have separated and gone into hiding amid threats to their lives, sources said.

Haroon Shahzad (right) with attorney Aneeqa Maria. | The Voice Society/Morning Star News

Haroon Shahzad, 45, was released from Sargodha District Jail on Nov. 15, said his attorney, Aneeqa Maria. Shahzad was charged with blasphemy on June 30 after posting Bible verses on Facebook that infuriated Muslims, causing dozens of Christian families in Chak 49 Shumaali, near Sargodha in Punjab Province, to flee their homes.

Lahore High Court Judge Ali Baqir Najfi granted bail on Nov. 6, but the decision and his release on Nov. 15 were not made public until now due to security fears for his life, Maria said.

Shahzad told Morning Star News by telephone from an undisclosed location that the false accusation has changed his family’s lives forever.

“My family has been on the run from the time I was implicated in this false charge and arrested by the police under mob pressure,” Shahzad told Morning Star News. “My eldest daughter had just started her second year in college, but it’s been more than four months now that she hasn’t been able to return to her institution. My other children are also unable to resume their education as my family is compelled to change their location after 15-20 days as a security precaution.”

Though he was not tortured during incarceration, he said, the pain of being away from his family and thinking about their well-being and safety gave him countless sleepless nights.

Advertisement



“All of this is due to the fact that the complainant, Imran Ladhar, has widely shared my photo on social media and declared me liable for death for alleged blasphemy,” he said in a choked voice. “As soon as Ladhar heard about my bail, he and his accomplices started gathering people in the village and incited them against me and my family. He’s trying his best to ensure that we are never able to go back to the village.”

Shahzad has met with his family only once since his release on bail, and they are unable to return to their village in the foreseeable future, he said.

“We are not together,” he told Morning Star News. “They are living at a relative’s house while I’m taking refuge elsewhere. I don’t know when this agonizing situation will come to an end.”

The Christian said the complainant, said to be a member of Islamist extremist party Tehreek-e-Labbaik Pakistan and also allegedly connected with banned terrorist group Lashkar-e-Jhangvi, filed the charge because of a grudge. Shahzad said he and his family had obtained valuable government land and allotted it for construction of a church building, and Ladhar and others had filed multiple cases against the allotment and lost all of them after a four-year legal battle.

“Another probable reason for Ladhar’s jealousy could be that we were financially better off than most Christian families of the village,” he said. “I was running a successful paint business in Sargodha city, but that too has shut down due to this case.”

Regarding the social media post, Shahzad said he had no intention of hurting Muslim sentiments by sharing the biblical verse on his Facebook page.

Advertisement



“I posted the verse a week before Eid Al Adha [Feast of the Sacrifice] but I had no idea that it would be used to target me and my family,” he said. “In fact, when I came to know that Ladhar was provoking the villagers against me, I deleted the post and decided to meet the village elders to explain my position.”

The village elders were already influenced by Ladhar and refused to listen to him, Shahzad said.

“I was left with no option but to flee the village when I heard that Ladhar was amassing a mob to attack me,” he said.

Shahzad pleaded with government authorities for justice, saying he should not be punished for sharing a verse from the Bible that in no way constituted blasphemy.

Similar to other cases

Shahzad’s attorney, Maria, told Morning Star News that events in Shahzad’s case were similar to other blasphemy cases filed against Christians.

Advertisement



“Defective investigation, mala fide on the part of the police and complainant, violent protests against the accused persons and threats to them and their families, forcing their displacement from their ancestral areas, have become hallmarks of all blasphemy allegations in Pakistan,” said Maria, head of The Voice Society, a Christian paralegal organization.

She said that the case filed against Shahzad was gross violation of Section 196 of the Criminal Procedure Code (CrPC), which states that police cannot register a case under the Section 295-A blasphemy statute against a private citizen without the approval of the provincial government or federal agencies.

Maria added that Shahzad and his family have continued to suffer even though there was no evidence of blasphemy.

“The social stigma attached with a blasphemy accusation will likely have a long-lasting impact on their lives, whereas his accuser, Imran Ladhar, would not have to face any consequence of his false accusation,” she said.

The judge who granted bail noted that Shahzad was charged with blasphemy under Section 295-A, which is a non-cognizable offense, and Section 298, which is bailable. The judge also noted that police had not submitted the forensic report of Shahzad’s cell phone and said evidence was required to prove that the social media was blasphemous, according to Maria.

Bail was set at 100,000 Pakistani rupees (US $350) and two personal sureties, and the judge ordered police to further investigate, she said.

Advertisement



Shahzad, a paint contractor, on June 29 posted on his Facebook page 1 Cor. 10:18-21 regarding food sacrificed to idols, as Muslims were beginning the four-day festival of Eid al-Adha, which involves slaughtering an animal and sharing the meat.

A Muslim villager took a screenshot of the post, sent it to local social media groups and accused Shahzad of likening Muslims to pagans and disrespecting the Abrahamic tradition of animal sacrifice.

Though Shahzad made no comment in the post, inflammatory or otherwise, the situation became tense after Friday prayers when announcements were made from mosque loudspeakers telling people to gather for a protest, family sources previously told Morning Star News.

Fearing violence as mobs grew in the village, most Christian families fled their homes, leaving everything behind.

In a bid to restore order, the police registered a case against Shahzad under Sections 295-A and 298. Section 295-A relates to “deliberate and malicious acts intended to outrage religious feelings of any class by insulting its religion or religious beliefs” and is punishable with imprisonment of up to 10 years and fine, or both. Section 298 prescribes up to one year in prison and a fine, or both, for hurting religious sentiments.

Pakistan ranked seventh on Open Doors’ 2023 World Watch List of the most difficult places to be a Christian, up from eighth the previous year.

Advertisement



Morning Star News is the only independent news service focusing exclusively on the persecution of Christians. The nonprofit’s mission is to provide complete, reliable, even-handed news in order to empower those in the free world to help persecuted Christians, and to encourage persecuted Christians by informing them that they are not alone in their suffering.

Free Religious Freedom Updates

Join thousands of others to get the FREEDOM POST newsletter for free, sent twice a week from The Christian Post.

Source link

Keep an eye on what we are doing
Be the first to get latest updates and exclusive content straight to your email inbox.
We promise not to spam you. You can unsubscribe at any time.
Invalid email address
Continue Reading

FACEBOOK

Individual + Team Stats: Hornets vs. Timberwolves

Published

on

CHARLOTTE HORNETS MINNESOTA TIMBERWOLVES You can follow us for future coverage by liking us on Facebook & following us on X: Facebook – All Hornets X – …

Source link

Keep an eye on what we are doing
Be the first to get latest updates and exclusive content straight to your email inbox.
We promise not to spam you. You can unsubscribe at any time.
Invalid email address
Continue Reading

Trending

Follow by Email
RSS