With over two billion registered users, Facebook has become a target for advanced malware campaigns. These phishing campaigns steal unsuspecting users’ information. Businesses on Facebook are being targeted by password-stealing malware.
What Is Malware?
Malware is an insidious software that steals sensitive information from victims. The software exploits weak points in a device’s security framework to infiltrate the system and access private information. Once the malware gains access, it sends information to the hacker deploying it.
How Phishing Works
Like many Facebook cybersecurity threats, The recent malware attacks employ phishing to grab a user’s attention and create panic. A bad actor creates an account, disguising their identity as an authority figure. This disguise convinces the target to follow their instructions.
The actor sends a file batch to the target. In many cases, the targets download and open the files, allowing the malware to obtain information.
How Businesses on Facebook Are Being Targeted by Password-Stealing Malware
Businesses on Facebook are being targeted by password-stealing malware via Facebook Messenger. The hackers responsible for the malware primarily target business owners with brand accounts on the platform. Once they identify users that fit their victim profile, they send messages claiming that the user somehow violated copyright laws.
Then, they’ll upload a file batch featuring the RAR or ZIP extension. This file batch connects to a GitHub repository containing malware droppers. Should the victim download the file batch, the files deploy the malware onto their device. The malware commits Facebook credential theft, accessing and storing passwords, login emails, cookies, and data for other websites.
The malware does more than threaten the victim’s Facebook password security. It also creates its own Python environment. This environment allows the malicious software to run with each new boot-up.
Why Facebook?
Hackers target Facebook for many reasons. Although Facebook’s security staff work hard to protect the site’s users, hackers develop increasingly advanced methods to steal money and data from users by any means necessary.
This recent campaign may threaten Facebook businesses because business accounts often have known connections to money and other valuable digital resources. It successfully targets one in every 70 accounts.
Protective Measures Business Owners Can Take
This new type of attack method differs from traditional phishing scams. Traditional phishers coax victims into manually entering their information via online forms. This campaign, on the other hand, causes harm automatically at the click of a mouse when the victim downloads the files. It is so dangerous because victims may not even know their passwords and devices have been compromised.
Businesses on Facebook are being targeted by password-stealing malware, but yours doesn’t have to be one of them. These Facebook security tips are good places to start:
- Avoiding message requests from unknown parties
- Avoiding communication and connections from new or suspicious accounts
- Not downloading files from unverified sources
- Reporting accounts sending messages about copyright laws or acting as an authority