Upgraded version of malware with many dangerous features

Talking to PV of Dai Doan Ket Newspaper, cyber security expert Nguyen Hung, co-founder of the Anti-Fraud project (chongluadao.vn) said that recently, cyber security experts have discovered a new variant of the Python NodeStealer malware, which is capable of stealing credit card information from Facebook Business and Facebook Ads Manager accounts.

Notably, experts believe that this malware was developed by a group of hackers in Vietnam. Their goal is to hijack verified Facebook accounts to carry out malicious advertising campaigns.

Previously, the Python NodeStealer malware primarily targeted Facebook Business accounts to steal login credentials.

However, the new version of this malware has been upgraded with more dangerous features, allowing it to attack both Facebook Ads Manager accounts and steal credit card data stored in the browser.

The malware targets Facebook Ads Manager accounts, collects information about advertising budgets, and takes control of the accounts to run malicious advertising campaigns.

"The malware works by using the Python programming language, exploiting Windows Restart Manager to unlock browser database files, thereby extracting credit card data and login information.

NodeStealer is typically distributed via malicious links, email attachments, or fake software. When a user downloads and opens the file, the malware is installed and begins collecting information," the analyst said.

Recommendations for Facebook users

Cybersecurity expert Nguyen Hung recommends that Facebook users should be wary of links and attachments, and not click on links or download files from unclear or untrusted sources.

In addition, Facebook users need to update software regularly; ensure that the operating system, browser and security software are always updated to the latest version to patch security holes.

Additionally, Facebook users can also use security software; install and maintain anti-virus software and firewalls to detect and prevent malware.

Users need to enable two-factor authentication (2FA): Enable 2FA for important accounts such as Facebook, email to enhance security.

“Users should check and manage their Facebook access rights; regularly check devices and applications that have access to your account, revoke access if abnormalities are detected; use a password management program and do not save passwords or cookies in the browser to protect personal Facebook accounts,” cybersecurity expert Nguyen Hung recommended.