• 尚無留言

Recently, cybersecurity firm Guardio exposed a malicious software attack that exploited Facebook business accounts to disseminate malware, resulting in over 500,000 victims worldwide. According to Guardio’s investigation, the attack was orchestrated by a Vietnamese hacker group that specifically targeted Facebook users in the United States, Canada, the United Kingdom, and Australia. The attackers utilized business accounts to publish malicious advertisements, luring users into clicking on links and downloading the malicious software.

These malicious posts typically claim to offer discounts, free software, or online shopping opportunities to lure users into clicking on the links. Once a user clicks on the link, they will download a ZIP compressed file, which, when opened, installs the malicious software. To deceive users, the hackers disguise the malicious software as an image, making users believe it is a safe file, leading them to execute the malware.

The malicious software has been named “SYS01 Stealer,” and it operates in the background of the computer system. It is capable of collecting sensitive information such as user’s browser cookies, account data, and more. Once collected, this data is then transmitted to the attacker’s server. Furthermore, the attackers leverage system tools provided by hard drive manufacturers like Western Digital and Seagate to execute the malicious program through DLL sideloading. This technique allows them to evade detection by antivirus software, making it more challenging to identify and remove the threat.

The recent attack serves as a stark reminder that malicious software attacks have become a serious issue in internet security. Attackers are increasingly using social media platforms to spread malware, a tactic that can be particularly deceptive since people tend to trust information from familiar sources. To protect oneself from such attacks, it is crucial to remain vigilant and avoid clicking on unfamiliar advertisements or links, especially those received through emails, text messages, or social media messages from unknown sources. Additionally, users should employ security tools such as antivirus software and firewalls, regularly updating and scanning their computers to ensure system security and prevent malware attacks. By adopting these practices, individuals can reduce the risk of falling victim to malicious software and safeguard their online activities.

Furthermore, hard drive manufacturers need to review and enhance the security of their system tools to prevent being exploited by hackers for DLL sideloading attacks to distribute malicious software. All relevant businesses and individuals should raise their awareness and prioritize cybersecurity to protect their own and others’ privacy and data security.