Security News > 2021 > March > New CopperStealer malware steals Google, Apple, Facebook accounts
Previously undocumented account-stealing malware distributed via fake software crack sites targets the users of major service providers, including Google, Facebook, Amazon, and Apple.
The malware, dubbed CopperStealer by Proofpoint researchers, is an actively developed password and cookie stealer with a downloader feature that enables its operators to deliver additional malicious payloads to infected devices.
The threat actors behind this malware have used compromised accounts to run malicious ads and deliver additional malware in subsequent malvertising campaigns.
CopperStealer is being distributed via fake software crack sites and known malware distribution platforms such as including keygenninja[.
CopperStealer shows similar targeting and delivery methods with the SilentFade malware used to steal browser cookies and promote malicious ads via compromised Facebook accounts, leading to over $4 million in damages.
"CopperStealer is going after big service provider logins like social media and search engine accounts to spread additional malware or other attacks. These are commodities that can be sold or leveraged."