What you need to know
- A type of malware was recently discovered that attempts to steal people's personal information by obtaining social media account details.
- The stealer then logs into a user's social media accounts and shows fake ads to trick people into entering personal information.
- The malware disguises itself by pretending to be the messaging app Telegram.
A new type of malware has been discovered by Zscaler ThreatLabz. Dubbed Win32.PWS.FFDroider, or FFDroider for short, the malware attempts to steal people's sensitive information using various methods. The primary path of attack is stealing people's cookies and credentials from a browser, logging into a victim's social media accounts, then tricking users into entering sensitive information.
FFDroider disguises itself as a fake version of the messaging app Telegram. Once on a victim's PC, the program targets a browser with the intention of stealing cookies and credentials. Google Chrome, Mozilla Firefox, Internet Explorer, and Microsoft Edge can all be targeted by the stealer.
After stealing information, FFDroider gets into the target's social media accounts, such as Facebook. It can then show malicious advertisements that trick people into entering personal information.
In addition to going after details connected to Facebook, Instagram, and Twitter, FFDroider targets Amazon, eBay, and Etsy.
Telegram is one of the best WhatsApp alternatives, and many people have adopted it over the last year or so. Potential victims may be unfamiliar with Telegram and download an imposter version of the app.
Like many pieces of malware, the ultimate goal of FFDroider is to obtain sensitive information that can be used to steal money.
To protect yourself from FFDroider and other attacks, make sure to enable two-factor authentication on social media accounts and to make sure that you download apps from reputable sources. Using some of the best antivirus software can also help keep your PC and information safe.
