Security News

Fraud ring pushes 600+ fake web shops via Facebook ads
2024-07-31 14:14

A malicious fraud campaign dubbed "ERIAKOS" promotes more than 600 fake web shops through Facebook advertisements to steal visitors' personal and financial information. [...]

SYS01 info-stealer pushed via Facebook ads, LinkedIn and YouTube posts
2024-07-16 10:11

Malicious Google ads are a well known threat, but malvertising can also be found on other popular online destinations such as Facebook, LinkedIn, and YouTube. Case in point: an enduring campaign that aims to infect Facebook users with the SYS01 information stealer, which grabs everything the attackers need to carry on with it endlessly.

Facebook ads for Windows desktop themes push info-stealing malware
2024-07-15 13:00

Cybercriminals use Facebook business pages and advertisements to promote fake Windows themes that infect unsuspecting users with the SYS01 password-stealing malware. While using Facebook advertisements to push information-stealing malware is not new, the social media platform's massive reach makes these campaigns a significant threat.

Facebook PrestaShop module exploited to steal credit cards
2024-06-23 14:08

Hackers are exploiting a flaw in a premium Facebook module for PrestaShop named pkfacebook to deploy a card skimmer on vulnerable e-commerce sites and steal people's payment credit card details. Promokit's pkfacebook add-on is a module that allows shop visitors to log in using their Facebook accounts, leave comments under the shop's pages, and communicate with support agents using Messenger.

North Korean Hackers Exploit Facebook Messenger in Targeted Malware Campaign
2024-05-16 13:48

The North Korea-linked Kimsuky hacking group has been attributed to a new social engineering attack that employs fictitious Facebook accounts to targets via Messenger and ultimately delivers...

Watchdog tells Dutch govt: 'Do not use Facebook if there is uncertainty about privacy'
2024-04-22 14:00

Your profile can be used to present content that appears more relevant based on your possible interests, such as by adapting the order in which content is shown to you, so that it is even easier for you to find content that matches your interests. Content presented to you on this service can be based on your content personalisation profiles, which can reflect your activity on this or other services, possible interests and personal aspects.

Cerebral to pay $7 million settlement in Facebook pixel data leak case
2024-04-16 21:37

The U.S. Federal Trade Commission has reached a settlement with telehealth firm Cerebral in which the company will pay $7,000,000 over allegations of mishandling people's sensitive health data. In March 2023, the company sent out notices of data breach to 3.2 million people who had interacted with its websites, applications, and services, that their information had been exposed due to using tracking pixels on its platform.

Sneaky Credit Card Skimmer Disguised as Harmless Facebook Tracker
2024-04-12 05:09

Cybersecurity researchers have discovered a credit card skimmer that's concealed within a fake Meta Pixel tracker script in an attempt to evade detection. Sucuri said that the malware is injected...

Fake Facebook MidJourney AI page promoted malware to 1.2 million people
2024-04-05 16:47

Hackers are using Facebook advertisements and hijacked pages to promote fake Artificial Intelligence services, such as MidJourney, OpenAI's SORA and ChatGPT-5, and DALL-E, to infect unsuspecting users with password-stealing malware. In one of the cases seen by researchers at Bitdefender, a malicious Facebook page impersonating Midjourney amassed 1.2 million followers and remained active for nearly a year before it was eventually taken down.

New Python-Based Snake Info Stealer Spreading Through Facebook Messages
2024-03-07 07:39

Facebook messages are being used by threat actors to a Python-based information stealer dubbed Snake that’s designed to capture credentials and other sensitive data. “The credentials harvested...