Security News > 2021 > March > New CopperStealer malware steals Google, Apple, Facebook accounts
Previously undocumented account-stealing malware distributed via fake software crack sites targets the users of major service providers, including Google, Facebook, Amazon, and Apple.
The malware, dubbed CopperStealer by Proofpoint researchers, is an actively developed password and cookie stealer with a downloader feature that enables its operators to deliver additional malicious payloads to infected devices.
The threat actors behind this malware have used compromised accounts to run malicious ads and deliver additional malware in subsequent malvertising campaigns.
CopperStealer is being distributed via fake software crack sites and known malware distribution platforms such as including keygenninja[.
CopperStealer shows similar targeting and delivery methods with the SilentFade malware used to steal browser cookies and promote malicious ads via compromised Facebook accounts, leading to over $4 million in damages.
"CopperStealer is going after big service provider logins like social media and search engine accounts to spread additional malware or other attacks. These are commodities that can be sold or leveraged."
News URL
Related news
- Azure domains and Google abused to spread disinformation and malware (source)
- New macOS Malware "Cthulhu Stealer" Targets Apple Users' Data (source)
- Cyberattackers Exploit Google Sheets for Malware Control in Likely Espionage Campaign (source)
- New Voldemort malware abuses Google Sheets to store stolen data (source)
- Malware locks browser in kiosk mode to steal Google credentials (source)
- Android malware 'Necro' infects 11 million devices via Google Play (source)
- New Octo Android malware version impersonates NordVPN, Google Chrome (source)
- Fake Trading Apps Target Victims Globally via Apple App Store and Google Play (source)