Security News > 2021 > March > New CopperStealer malware steals Google, Apple, Facebook accounts
Previously undocumented account-stealing malware distributed via fake software crack sites targets the users of major service providers, including Google, Facebook, Amazon, and Apple.
The malware, dubbed CopperStealer by Proofpoint researchers, is an actively developed password and cookie stealer with a downloader feature that enables its operators to deliver additional malicious payloads to infected devices.
The threat actors behind this malware have used compromised accounts to run malicious ads and deliver additional malware in subsequent malvertising campaigns.
CopperStealer is being distributed via fake software crack sites and known malware distribution platforms such as including keygenninja[.
CopperStealer shows similar targeting and delivery methods with the SilentFade malware used to steal browser cookies and promote malicious ads via compromised Facebook accounts, leading to over $4 million in damages.
"CopperStealer is going after big service provider logins like social media and search engine accounts to spread additional malware or other attacks. These are commodities that can be sold or leveraged."
News URL
Related news
- Fake Homebrew Google ads target Mac users with malware (source)
- Google Play, Apple App Store apps caught stealing crypto wallets (source)
- Crypto-stealing iOS, Android malware found on App Store, Google Play (source)
- Fake Google Chrome Sites Distribute ValleyRAT Malware via DLL Hijacking (source)
- Apple missed screenshot-snooping malware in code that made it into the App Store, Kaspersky claims (source)
- Week in review: Exploited 7-Zip 0-day flaw, crypto-stealing malware found on App Store, Google Play (source)