UPDATED 01:27 EDT / APRIL 20 2018

Malware app pretending to offer stress relief targets Facebook credentials

At least 40,000 Facebook accounts have been compromised by a new form of malware distributed through a painting application.

Called “StressPaint,” the application, pitched as offering to relieve stress by painting, is being spread through phishing emails and on Facebook itself, according to security firm Radware Ltd., which first identified the campaign. Recipients are led to believe they are going to legitimate sites such as AOL to download a legitimate application.

But once installed, StressPaint steals Facebook credentials and other data by sending the content of Chrome browser cookies and login data files to a command-and-control server. Going far beyond the Cambridge Analytica data scraping that has outraged so many people, the malware also takes other data from the compromised account, including the number of friends, whether the account manages a page or not and whether a payment method is connected to the account.

Complicating matters, Radware noted, attackers could go after Amazon.com Inc. users in a future campaign because the control panel for the malware, based on a Chinese content management system called Layuicms2.0, features a section for Amazon that is not yet functional. “Radware believes that this implies that the group’s next target will be Amazon,” the post notes.

Discussing the Facebook-targeted malware, Zack Allen, director of threat operations at ZeroFOX Inc., told SiliconANGLE that as the importance of social media for public discourse and information gathering continues to skyrocket, so too will the attack surface of organizations and individuals.

“This malware infection is a perfect demonstration of the viral nature of social media, the accessibility to targets that these networks present and the inherent trust that humans have with one another,” Allen explained. “Social media users need to be cognizant of any communication that looks suspicious. Unlike email, they aren’t just managing an inbox. They are handling comments, posts, likes, direct messages and apps – all of which present a distinct set of vectors for attack.”

That said, Allen did note that “we cannot place all the blame on end users for the feature-rich experience that social media provides and the myriad vectors of attacks that hackers can use against them.” The security industry, he said, “should prepare for these vectors as much as possible to help the everyday user, as well as their corporate environments.”

Image: mkhmarketing/Flickr
