GeekPolice Tech TutorialsLog in

 


Criminals Have Compromised Tens Of Thousands Of Facebook Accounts

Share

20180418
Criminals Have Compromised Tens Of Thousands Of Facebook Accounts

Criminals Have Compromised Tens Of Thousands Of Facebook Accounts

Criminals have compromised tens of thousands of Facebook accounts in the past few days using malware that masquerades as a paint program for relieving stress. "Relieve Stress Paint" is available through a domain that uses Unicode representation to show up as aol.net on search engines and in emails.



The researchers query showed the trojan was also available on a domain that was designed to appear as picc.com. The researchers suspect the malware is being promoted in spam emails.

Once installed, the malware acts as a legitimate paint program that changes colors and line size with each user click. Behind the scenes, it copies Chrome data that stores cookies and any saved passwords for previously accessed Facebook accounts. The interface also compiled any payment details tied to an account, the number of friends the account had, and whether the account was used to manage a page. The interface also included a section for viewing credentials for victims' Amazon accounts. The continues copy of Facebook credentials persist each time a target opens Relieve Stress Paint and each time the computer restarts.The data is sent to a command-and-control server.

Radware researchers were able to access the command server's interface, which showed that more than 40,000 computers had been infected by the malware in recent days. In the process, tens of thousands of Facebook accounts were compromised.

The malware was designed to copy the credentials in a way that wouldn't be detected by antivirus programs. The copying process, for instance, remained active for less than one minute.



Since then, more than 6,000 more infections have occurred.
remove_circleSimilar topics

Comments

Dr Jay
It sounds promising but definitely is not... I am quite surprised the malware made it that far.
FreeBooter
Yes lets hope its not true!
Permissions in this forum:
You cannot reply to topics in this forum