Millions of individuals, especially men ages 45 and older, are at risk of being targeted by malicious Facebook ads spreading the SYS01 information-stealing malware as part of an ongoing malvertising campaign initially discovered last month, reports Hackread.
Attackers used malicious ads to lure targets into downloading ZIP packages containing a malicious Electron app disguised as legitimate software. The app downloads the SYS01 infostealer, which primarily compromises Facebook credentials, while displaying the advertised software to conceal the compromise, according to a Bitdefender report. Theft of Facebook credentials would be followed by the use of breached accounts to create new malicious ads with improved security filter evasion capabilities, aimed at expanding the reach of the infostealer, said researchers, who also noted the underground trade of stolen credentials as another revenue generator for the threat actors. Individuals have been urged to monitor their accounts, be wary of ads, use official channels for software downloads, implement robust security software, and activate two-factor authentication to prevent potential compromise.