Connect with us

FACEBOOK

Facebook accounts hit with malicious ad attack with dangerous malware

Published

on

Facebook accounts hit with malicious ad attack with dangerous malware

In an alarming revelation, Bitdefender Labs has uncovered a sinister turn in cybercrime tactics on Facebook. Hackers are using a new virus called NodeStealer to steal your cookies and passwords. It’s a sneaky piece of code that runs on JavaScript and Node.js, and it can grab your web browser data and use it to hack into your Facebook account.

How NodeStealer works

How do they do it? Well, they use cunning malvertising campaigns, which are fake ads that look like they’re from Meta, the company that owns Facebook. When you click on these ads, you’re actually downloading the NodeStealer virus, which then starts to spy on your online activity.

CLICK TO GET KURT’S FREE CYBERGUY NEWSLETTER WITH SECURITY ALERTS, QUICK VIDEO TIPS, TECH REVIEWS, AND EASY HOW-TO’S TO MAKE YOU SMARTER

NodeStealer is a virus that seeks to steal information, like passwords, from Facebook users. (Credit: Bitdefender Labs)

MORE: DON’T FALL FOR THAT “LOOK WHO DIED” FACEBOOK MESSAGE TRAP

Provocative lure tricks people who are using Facebook

Hackers will post ads on Facebook with pictures of pretty girls, hoping to get you to click on them. But don’t fall for it. These ads are actually hiding a nasty virus that can steal your passwords and personal information.

Bitdefender researchers found that at least 10 Facebook accounts that belong to businesses have been hacked and used to spread these ads. The ads have a link that says, “Photo Album,” but when you click on it, you download a file that infects your computer. The file then gets access to your browser cookies and passwords, which lets the hackers get into your accounts.

MORE: DON’T FALL FOR THAT “LOOK WHO DIED” FACEBOOK MESSAGE TRAP 

Screenshot of an ad with malware.

Hackers post ads with women on Facebook in an attempt to lure people into clicking on them, thereby stealing their information. (Credit: Bitdefender Labs)

MORE: FOOLPROOF STEPS TO HELP PROTECT YOUR FACEBOOK ACCOUNT FROM HACKERS 

Disturbing spread of this attack

The sheer reach of these campaigns is deeply concerning. Bitdefender’s analysis estimates an astounding 100,000 potential downloads, with a single ad amassing up to 15,000 downloads within a mere 24-hour span. Demographically, males over 45 are the most impacted, highlighting the targeted nature of these attacks.

HOW TO FORWARD A VOICEMAIL FROM ANY SMARTPHONE

Three screenshots of the ads.

Males over 45 are most impacted by this malware campaign. (Credit: Bitdefender Labs)

MORE: DON’T FALL FOR THIS SNEAKY NOTIFICATION THAT’S FOOLING PEOPLE ON FACEBOOK AND INSTAGRAM 

How the Facebook ad malware threat is evolving into more elusive trouble

Originally identified by Meta’s security team in early 2023, NodeStealer has undergone a rapid and troubling transformation. The malware, initially devised to steal browser cookies and execute large-scale account takeovers, now boasts enhanced features enabling unauthorized entry into additional platforms like Gmail and Outlook. Its expanded capabilities even extend to stealing crypto wallet balances and downloading further malicious payloads.

AI BUZZKILL DETECTS ROWDY PARTIES IN AN AIRBNB RENTAL

Screenshots of dubious ads.

NodeStealer does not only hack your Facebook account but can spill over into other accounts, like Gmail and Outlook. (Credit: Bitdefender Labs)

MORE: THE DARK WORLD OF FACEBOOK ADS WHERE SCAMMERS ARE TRYING TO STEAL YOUR MONEY 

How the attack unfolds

The attackers’ modus operandi is both clever and calculated. Utilizing ad credit balances from hijacked business accounts, they run ads that distribute the NodeStealer malware to a specifically chosen group of people.

They establish Facebook pages with names like “Album Update” or “Hot Album Update Today,” alluring users with the promise of exclusive, risqué content. Yet, the promised “albums” are merely a façade for spreading NodeStealer malware.

HOW TO ASSOCIATE A RINGTONE WITH ONE OF YOUR CONTACTS ON YOUR PHONE

Example of the fake album update.

Hackers use the allure of risqué content to entice Facebooks users to click on ads. (Credit: Bitdefender Labs)

MORE: TROUBLING MALWARE THREAT SPREADING ON FACEBOOK 

Understanding what kind of damage this attack is capable of

When NodeStealer compromises your device, it doesn’t just sit idly; it paves the way for cybercriminals to hijack your Facebook account and delve into your sensitive information. This breach can escalate quickly, with hackers potentially altering passwords and implementing additional security measures to lock you out of your own account.

The consequences can range from financial theft to identity fraud, with criminals using the stolen accounts to ensnare more victims, all while evading Meta’s security measures.

HOW TO PROTECT YOUR APPLE IPHONE FROM CYBERATTACKS WITH LOCKDOWN MODE

Screenshot of a fake profile.

Some of the consequences of this malware include financial theft and identity fraud. (Credit: Bitdefender Labs)

MORE: HOW SCAMMERS ARE SELLING COUNTERFEIT STAMPS ON FACEBOOK ADS 

How to protect yourself from this persistent malware attack

To detect and defend against NodeStealer’s nasty threat, you should adopt a multi-layered approach:

Implement robust security solutions from good antivirus protection: The cornerstone of digital defense is to have a reliable security solution installed on your device. Having good antivirus software actively running on your devices will alert you of any malware in your system, warn you against clicking on any malicious links in phishing emails, and ultimately protect you from being hacked. Review of the 2023 Best Antivirus Protection here.

Practice good cyber hygiene: Exercise caution in your digital interactions. Refrain from clicking on unsolicited links, particularly those associated with alarming notifications or ads urging you to download enticing media files.

Beware of suspicious ads: Specifically, for this NodeStealer campaign, you should be wary of any ad prompting the download of photo albums, especially if the source is Bitbucket, Gitlab, or Dropbox. Such ads are likely traps set by cybercriminals to deploy NodeStealer malware onto your device.

Scrutinize unusual account activity: Keep an eye out for any unusual activity on your accounts. Unexpected password-reset emails, unrecognized logins, or uninitiated security changes can be red flags signaling a compromised account.

Educate and inform: Share your knowledge about these threats with friends and family. The more informed people are, the less likely they are to fall victim to these schemes. Sign up for my security alerts by subscribing to my CyberGuy Newsletter here.

GET MORE OF MY SECURITY ALERTS, QUICK TIPS & EASY VIDEO TUTORIALS WITH THE FREE CYBERGUY NEWSLETTER – CLICK HERE

Kurt’s key takeaways

The evolution of NodeStealer attacks on Facebook is a stark reminder of the ongoing arms race between cybercriminals and security professionals. The proactive adoption of robust cybersecurity practices is our best defense in this digital age.

Remain alert to the ever-changing landscape of online threats, as illustrated by the provocative malvertising campaigns currently exploiting Facebook’s vast network. You have to take proactive security on all of your connected technology seriously, as we’ve learned that we cannot rely on big tech or Uncle Sam to protect us from these growing threats.

How will the rise of sophisticated malware like NodeStealer change your approach to online security, and what steps do you plan to take to protect your digital identity on platforms like Facebook? Let us know by writing us at Cyberguy.com/Contact

For more of my tech tips and security alerts, subscribe to my free CyberGuy Report Newsletter by heading to Cyberguy.com/Newsletter

Ask Kurt a question or let us know what stories you’d like us to cover

CLICK HERE TO GET THE FOX NEWS APP

Answers to the most asked CyberGuy questions:

●     What is the best way to protect your Mac, Windows, iPhone and Android devices from getting hacked?

●     What is the best way to stay private, secure and anonymous while browsing the web?

●     How can I get rid of robocalls with apps and data removal services?

Copyright 2023 CyberGuy.com. All rights reserved.

Source link

Keep an eye on what we are doing
Be the first to get latest updates and exclusive content straight to your email inbox.
We promise not to spam you. You can unsubscribe at any time.
Invalid email address

FACEBOOK

Top CIA agent shared pro-Palestinian to Facebook after Hamas attack: report

Published

on

Top CIA agent shared pro-Palestinian to Facebook after Hamas attack: report

A high-ranking CIA official boldly shared multiple pro-Palestinian images on her Facebook page just two weeks after Hamas launched its bloody surprise attack on Israel — while President Biden was touring the Jewish state to pledge the US’s allegiance to the nation.

The CIA’s associate deputy director for analysis changed her cover photo on Oct. 21 to a shot of a man wearing a Palestinian flag around his neck and waving a larger flag, the Financial Times reported.

The image — taken in 2015 during a surge in the long-stemming conflict — has been used in various news stories and pieces criticizing Israel’s role in the violence.

The CIA agent also shared a selfie with a superimposed “Free Palestine” sticker, similar to those being plastered on businesses and public spaces across the nation by protesters calling for a cease-fire.

The Financial Times did not name the official after the intelligence agency expressed concern for her safety.

“The officer is a career analyst with extensive background in all aspects of the Middle East and this post [of the Palestinian flag] was not intended to express a position on the conflict,” a person familiar with the situation told the outlet.

The individual added that the sticker image was initially posted years before the most recent crisis between the two nations and emphasized that the CIA official’s Facebook account was also peppered with posts taking a stand against antisemitism.

The image the top-ranking CIA official shared on Facebook.

The latest post of the man waving the flag, however, was shared as Biden shook hands with Israeli leaders on their own soil in a show of support for the Jewish state in its conflict with the terrorist group.

Biden has staunchly voiced support for the US ally since the Oct. 7 surprise attack that killed more than 1,300 people, making the CIA agent’s posts in dissent an unusual move.

A protester walks near burning tires in the occupied West Bank on Nov. 27, 2023, ahead of an expected release of Palestinian prisoners in exchange for Israeli hostages. AFP via Getty Images

In her role, the associate deputy director is one of three people, including the deputy CIA director, responsible for approving all analyses disseminated inside the agency.

She had also previously overseen the production of the President’s Daily Brief, the highly classified compilation of intelligence that is presented to the president most days, the Financial Times said.

“CIA officers are committed to analytic objectivity, which is at the core of what we do as an agency. CIA officers may have personal views, but this does not lessen their — or CIA’s — commitment to unbiased analysis,” the CIA said in a statement to the outlet.

The top CIA official has since deleted the pro-Palestinian images from her social media page. Hamas Press Service/UPI/Shutterstock

Follow along with The Post’s live blog for the latest on Hamas’ attack on Israel


Neither the Office of the Director of National Intelligence nor the White House responded to The Post’s request for comment.

All of the official’s pro-Palestinian images and other, unrelated posts have since been deleted, the outlet reported.

Palestinian children sit by the fire next to the rubble of a house hit in an Israeli strike. REUTERS

The report comes as CIA Director William Burns arrived in Qatar, where he was due to meet with his Israeli and Egyptian counterparts and the Gulf state’s prime minister to discuss the possibility of extending the pause in fighting between Israeli forces and Hamas terrorists in the Gaza Strip for a second time.

Israel and Hamas agreed Monday to an additional two-day pause in fighting, meaning combat would likely resume Thursday morning Israel time if no additional halt is brokered.

Both sides agreed to release a portion of its hostages under the arrangement.

More than 14,000 Palestinians in Gaza, including many women and children, have been killed in the conflict, according to data from the Hamas-controlled Ministry of Health.



Source link

Keep an eye on what we are doing
Be the first to get latest updates and exclusive content straight to your email inbox.
We promise not to spam you. You can unsubscribe at any time.
Invalid email address
Continue Reading

FACEBOOK

Lee Hsien Yang faces damages for defamation against two Singapore ministers over Ridout Road rentals

Published

on

Lee Hsien Yang faces damages for defamation against two Singapore ministers over Ridout Road rentals

High Court ruling: Lee Hsien Yang directed to compensate Ministers Shanmugam and Balakrishnan for defamatory remarks on Ridout Road state bungalows. (PHOTO: MCI/YouTube and ROSLAN RAHMAN/AFP via Getty Images ) ((PHOTO: MCI/YouTube and ROSLAN RAHMAN/AFP via Getty Images ))

SINGAPORE — The High Court in Singapore has directed Lee Hsien Yang to pay damages to ministers K. Shanmugam and Vivian Balakrishnan for defamatory statements made in Facebook comments regarding their rental of black-and-white bungalows on Ridout Road.

The court issued a default judgment favouring the two ministers after Lee – the youngest son of Singapore’s founding prime minister Lee Kuan Yew and brother of current Prime Minister Lee Hsien Loong – failed to address the defamation lawsuits brought against him. Lee had, among other claims, insinuated that the ministers engaged in corrupt practices and received preferential treatment from the Singapore Land Authority for their bungalow rentals.

The exact amount of damages will be evaluated in a subsequent hearing.

Restricted from spreading defamatory claims against ministers

Not only did Justice Goh Yi Han grant the default judgment on 2 November, but he also imposed an injunction to prohibit Lee from further circulating false and defamatory allegations.

In a released written judgment on Monday (27 November), the judge highlighted “strong reasons” to believe that Lee might persist in making defamatory statements again, noting his refusal to remove the contentious Facebook post on 23 July, despite receiving a letter of demand from the ministers on 27 July.

Among other things, Lee stated in the post that “two ministers have leased state-owned mansions from the agency that one of them controls, felling trees and getting state-sponsored renovations.”

A report released by the Corrupt Practices Investigation Bureau in June concluded that no wrongdoing or preferential treatment had occurred concerning the two ministers. However, Lee continued referencing this post and the ongoing lawsuits, drawing attention to his remarks under legal scrutiny.

Justice Goh emphasised that the ministers met the prerequisites for a default judgment against Lee. The suits, separately filed by Shanmugam, the Law and Home Affairs Minister, and Dr Balakrishnan, the Foreign Affairs Minister, were initiated in early August.

Lee Hsien Yang alleges in his post that two ministers leased state-owned mansions, 26 and 31 Ridout Road from an agency, one of which they control, involving tree felling and receiving state-sponsored renovations.Lee Hsien Yang alleges in his post that two ministers leased state-owned mansions, 26 and 31 Ridout Road from an agency, one of which they control, involving tree felling and receiving state-sponsored renovations.

Lee Hsien Yang alleges in his post that two ministers leased state-owned mansions, 26 and 31 Ridout Road from an agency, one of which they control, involving tree felling and receiving state-sponsored renovations.(SCREENSHOTS: Google Maps)

He failed to respond within 21 days

Lee and his wife, Lee Suet Fern, had left Singapore in July 2022, after declining to attend a police interview for potentially giving false evidence in judicial proceedings over the late Lee Kuan Yew’s will.

His absence from Singapore prompted the court to permit Shanmugam and Dr Balakrishnan to serve him legal documents via Facebook Messenger in mid-September. Despite no requirement for proof that Lee saw these documents, his subsequent social media post on 16 September confirmed his awareness of the served legal papers.

Although Lee had the opportunity to respond within 21 days, he chose not to do so. Additionally, the judge noted the novelty of the ministers’ request for an injunction during this legal process, highlighting updated court rules allowing such measures since April 2022.

Justice Goh clarified that despite the claimants’ application for an injunction, the court needed independent validation for its appropriateness, considering its potentially severe impact on the defendant. He reiterated being satisfied with the circumstances and granted the injunction, given the continued accessibility of the contentious Facebook post.

Lee acknowledges court order and removes allegations from Facebook

Following the court’s decision, Lee acknowledged the court order on 10 November and removed the statements in question from his Facebook page.

In the judgment, Justice Goh noted that there were substantial grounds to anticipate Lee’s repetition of the “defamatory allegations by continuing to draw attention to them and/or publish further defamatory allegations against the claimants.”

The judge mentioned that if Lee had contested the ministers’ claims, there could have been grounds for a legally enforceable case under defamation law.

According to Justice Goh, a reasonable reader would interpret Lee’s Facebook post as insinuating that the People’s Action Party’s trust had been squandered due to the ministers’ alleged corrupt conduct, from which they gained personally.

While Shanmugam and Dr Balakrishnan were not explicitly named, the post made it evident that it referred to them, and these posts remained accessible to the public, as noted by the judge.

Justice Goh pointed out that by choosing not to respond to the lawsuits, Lee prevented the court from considering any opposing evidence related to the claims.

Do you have a story tip? Email: [email protected].

You can also follow us on Facebook, Instagram, TikTok and Twitter. Also check out our Southeast Asia, Food, and Gaming channels on YouTube.

Yahoo Singapore TelegramYahoo Singapore Telegram

Yahoo Singapore Telegram



Source link

Keep an eye on what we are doing
Be the first to get latest updates and exclusive content straight to your email inbox.
We promise not to spam you. You can unsubscribe at any time.
Invalid email address
Continue Reading

FACEBOOK

Tauranga judge orders Team Chopper Facebook pages taken down due to ‘threatening’ online communciations

Published

on

Tauranga judge orders Team Chopper Facebook pages taken down due to ‘threatening’ online communciations

Helen Fraser’s son Ryan Tarawhiti-Brown with Chopper, the dog at the centre of an attack on Tauranga vet Dr Liza Schneider.

The son of the woman whose Rottweiler dog attacked and seriously injured a Tauranga vet has been ordered to disable two Facebook pages that contained threats towards the vet and her business.

Ryan Tarawhiti-Brown (AKA Ryan Brown) ran and promoted a Facebook page called Team Chopper in support of his mother Helen Fraser’s legal battle to save her dog Chopper.

Chopper was euthanised following a court order handed down on August 21 by Judge David Cameron after he convicted Fraser of being the owner of a dog that attacked and seriously injured Holistic Vets co-owner Dr Liza Schneider.

The attack happened in the carpark of her Fraser St practice on October 14, 2022.

Advertisement

Advertise with NZME.

Schneider was left with serious injuries after Chopper bit her arm, including a broken bone in her forearm, and deep tissue damage and nerve damage.

She required surgery and her arm took several months to heal.

Tauranga woman Helen Fraser, pictured here at her July trial, said that the case was "exceptional" and argued in favour of sparing Chopper's life. Photo / Ethan Griffiths
Tauranga woman Helen Fraser, pictured here at her July trial, said that the case was “exceptional” and argued in favour of sparing Chopper’s life. Photo / Ethan Griffiths

Following Fraser’s conviction, Schneider sought a takedown order after she told the court she and her practice had been the subject of constant online harassment and threats since October 2021.

Schneider said comments posted on the Team Chopper Facebook page included threats, harassment and derogatory and abusive comments.

Advertisement

Advertise with NZME.

In an affidavit, Schneider said her Google account had also been bombarded with fake reviews which she alleged were incited by the Team Chopper page.

Court documents obtained by the Bay of Plenty Times confirm an interim judgment was made by Judge Lance Rowe on August 30 which ordered the page be taken down and any references to Schneider removed. She also asked for a written apology. This order was previously suppressed.

During a second court hearing on October 25, Tarawhiti-Brown’s lawyer Bev Edwards told Judge Cameron it was accepted her client had not complied with this order to take down the page.

Edwards said her client had instead changed the nature of the page to help promote the rights of cats and dogs, and no criticism or abuse of Schneider or Holistic Vets was made by her client in those posts.

Tarawhiti-Brown had filed an affidavit to similar effect, court documents show.

Schneider argued the change in tone had not prevented others from posting derogatory comments about her.

This included posts on September 23, which stated she should be “prosecuted for negligence”, “sucked” at her job and should lose her licence.

Edwards also submitted that Schneider was prepared to use social media to her own advantage when it suited, her and cited an online article published in June.

In Judge Cameron’s written judgement, dated November 13, Tarawhiti-Brown, who lives in Australia, was ordered to immediately disable or take down his two Facebook pages.

The judge ruled the digital communications on the Facebook pages had been “threatening” to Schneider and “amount to harassment of her”, and also caused her “ongoing psychological harm”.

Advertisement

Advertise with NZME.

Judge Cameron also ordered Tarawhiti-Brown to refrain from making any digital communications about Schneider or identifying her or her business directly or indirectly, and not to encourage any other person to do so.

The judge said it was accepted by Schneider removal orders against Facebook/Meta were “fraught with difficulties”, including jurisdictional ones, and discontinued the takedown application against those organisations.

The judge did not order Tarawhiti-Brown to apologise to Schneider and lifted the suppression orders by consent of both parties, who had to pay their own legal costs.

Schneider and the NZ Veterinary Association, which has been supporting her, declined to comment on these court orders.

Tarawhiti-Brown was also approached for comment.

Sandra Conchie is a senior journalist at the Bay of Plenty Times and Rotorua Daily Post who has been a journalist for 24 years. She mainly covers police, court and other justice stories, as well as general news. She has been a Canon Media Awards regional/community reporter of the year.

Advertisement

Advertise with NZME.

Source link

Keep an eye on what we are doing
Be the first to get latest updates and exclusive content straight to your email inbox.
We promise not to spam you. You can unsubscribe at any time.
Invalid email address
Continue Reading

Trending