Security News > 2023 > March > SYS01 stealer targets Facebook business accounts and browser credentials
Morphisec, a security solution provider based in Israel, has reported that an advanced information stealer malware dubbed SYS01 is aimed at stealing access to Facebook business accounts and Chromium-based browsers' credentials.
Morphisec's researcher has also seen the SYS01 malware attack critical government infrastructure employees, manufacturing companies and other industries.
This malware attack is similar to another campaign dubbed S1deload Stealer by Bitdefender, yet the final payload is not the same, leaving the question open as to who is behind the SYS01 stealer attack campaign.
The SYS01 malware attack starts by luring a victim into clicking on a URL from a fake Facebook profile, advertisement, or link to live streams, free applications, movies or games.
SYS01 stealer is able to get all cookies and credentials from Chromium-based browsers.
If the user is logged in to that account, the malware queries Facebook's graph application programming interface to get a token and steals all of the victim's Facebook information.