Facebook ads for Windows desktop themes push info-stealing malware
2024-07-15 13:00

Cybercriminals use Facebook business pages and advertisements to promote fake Windows themes that infect unsuspecting users with the SYS01 password-stealing malware.

While using Facebook advertisements to push information-stealing malware is not new, the social media platform's massive reach makes these campaigns a significant threat.

Downloading the fake Windows themes would deliver an archive named 'Awesome Themes for Win 10 11.zip', and the Photoshop download would be 'Adobe Photoshop 2023.zip'.

While downloaders may think they are now getting a free application, game, or Windows theme, the archive actually contains the SYS01 information-stealing malware.

"Since it was first observed in 2022, the SYS01 malware has shifted its delivery method by moving away from adult-themed clickbaits and game-related ads to an approach which targets the general audience like Windows themes and AI-based software tools advertisements."

Trustwave reported in February about a similar Facebook malvertising campaign pushing the Ov3r Stealer password-stealing malware.


News URL

https://www.bleepingcomputer.com/news/security/facebook-ads-for-windows-themes-push-sys01-info-stealing-malware/

Related vendor

VENDOR LAST 12M #/PRODUCTS LOW MEDIUM HIGH CRITICAL TOTAL VULNS
Facebook 30 2 44 52 19 117