BleepingComputer reports that more than 600 unique Facebook and YouTube users had their social media accounts hijacked and their devices compromised for cryptomining by the novel S1deload Stealer malware campaign between July and December, with attacks still ongoing.
Attackers use social-engineering tactics to lure users into downloading adult-themed archives linked in Facebook comments; once downloaded and installed, these prompt the deployment of S1deload Stealer, according to a report from Bitdefender's Advanced Threat Control team.
Aside from enabling the download of more malicious components, S1deload Stealer facilitates the execution of a stealer that decrypts and exfiltrates browser-stored credentials and cookies, as well as the deployment of a BEAM cryptojacker.
"The stealer component we observed in the wild steals the saved credentials from the victim's browser, exfiltrating them to the malware author's server. The malware author uses the newly obtained credentials to spam on social media and infect more machines, creating a feedback loop," said Bitdefender researcher Dávid Ács.