Security experts from Kaspersky found a 2016 social media malware campaign resurfacing, targeting millions of users across the world. This sophisticated social media malware campaign operated by “SilentFade” cybercriminal group is aimed at targeting Facebook users, using a combination of Windows Trojan, browser injections, and clever scripting to exploit bugs in social media platforms.
According to a report, India stood first on the list of infected countries by this malware campaign with 603 infections. Brazil was listed second with 255 infections followed by Indonesia with 221 infections.
Kaspersky researchers claimed that they have recorded Frank Rootkit and found multiple similarities to the SilentFade’s campaign from 2016. A rootkit is a malicious software that allows an attacker to illicitly gain privileged access to the victim’s computer to infiltrate an operating system or a database to evade detection and perform malicious operations. A rootkit contains several malicious tools like keyloggers, banking credential stealers, password stealers, antivirus disablers, and bots.
SilentFade’s Rare Modus Operandi
Facebook stated the hacker group managed to defraud victims for more than $4 million, which they used to post malicious ads across the social networking platforms. Reportedly, SilentFade is linked to Chinese threat actors that targeted Facebook’s ad platform between late 2018 and February 2019.
The same group used a Trojan to compromise the users’ browsers and steal passwords and browser cookies to eventually obtain authorized access to their Facebook accounts. They mainly targeted accounts that had the payment method linked to their profiles. The malware campaign ran ads from compromised Facebook accounts and used cloaking elements to escape detection.
Secure Your Social Media
As threat actors often leverage social media platforms to target their victims and perform malicious operations online, users must secure their social media accounts and be vigilant on what they open or download online. Users must:
- Keep their personal data limited
- Enable privacy settings
- Avoid public Wi-Fi and use a secure VPN connection
- Use strong passwords or passphrases
- Always ensure that they make online purchases from legitimate and secure sites
- Update antivirus solutions regularly