Security News > 2023 > September > Vietnamese Cybercriminals Targeting Facebook Business Accounts with Malvertising
"And with businesses now leveraging the reach of social media for advertising, attackers have a new, highly-lucrative type of attack to add to their arsenal - hijacking business accounts."
Cyber attacks targeting Meta Business and Facebook accounts have gained popularity over the past year, courtesy of activity clusters such as Ducktail and NodeStealer that are known to raid businesses and individuals operating on Facebook.
Among the methods employed by cybercriminals to gain unauthorized access to user accounts, social engineering plays a significant role.
"Ducktail malware steals saved session cookies from browsers, with code specifically tailored to take over Facebook business accounts," Zscaler ThreatLabz researchers Sudeep Singh and Naveen Selvan noted in a parallel analysis, stating the accounts sell for anywhere between $15 to $340. "The 'products' of the operation feed an underground economy of stolen social media accounts, where numerous vendors offer accounts priced according to their perceived usefulness for malicious activity."
A primary method used to takeover a victim's compromised account is by adding their own email address to that account, subsequently changing the password and email address of the victim's Facebook account to lock them out of the service.
"The high amount of connections/followers helped lend authenticity to the compromised accounts and facilitated the social engineering process for threat actors," the researchers said.
News URL
https://thehackernews.com/2023/09/vietnamese-cybercriminals-targeting.html