Security News > 2024 > July > Facebook ads for Windows desktop themes push info-stealing malware
Cybercriminals use Facebook business pages and advertisements to promote fake Windows themes that infect unsuspecting users with the SYS01 password-stealing malware.
While using Facebook advertisements to push information-stealing malware is not new, the social media platform's massive reach makes these campaigns a significant threat.
Downloading the fake Windows themes would deliver an archive named 'Awesome Themes for Win 10 11.zip', and Photoshop would be 'Adobe Photoshop 2023.zip.
While downloaders may think they are now getting a free application, game, or Windows theme, the archive actually contains the SYS01 information-stealing malware.
"Since it was first observed in 2022, the SYS01 malware has shifted its delivery method by moving away from adult-themed clickbaits and game-related ads to an approach which targets the general audience like Windows themes and AI-based software tools advertisements."
Trustwave reported in February about a similar Facebook malvertising campaign pushing the Ov3r Stealer password-stealing malware.
News URL
Related news
- Russia targets Ukrainian conscripts with Windows, Android malware (source)
- Malvertising Campaign Hijacks Facebook Accounts to Spread SYS01stealer Malware (source)
- New SteelFox malware hijacks Windows PCs using vulnerable driver (source)
- New CRON#TRAP Malware Infects Windows by Hiding in Linux VM to Evade Antivirus (source)
- NodeStealer Malware Targets Facebook Ad Accounts, Harvesting Credit Card Data (source)
- Windows, macOS users targeted with crypto-and-info-stealing malware (source)
- New Malware Technique Could Exploit Windows UI Framework to Evade EDR Tools (source)