According to TechRadar , cybersecurity researchers have just discovered a new variant of the Python NodeStealer malware, capable of stealing credit card information from users' Facebook Business and Facebook Ads Manager accounts.

NodeStealer Malware Is Hijacking Facebook Accounts to Steal Credit Card Information

Previously, Python NodeStealer primarily targeted Facebook Business accounts to steal login credentials. However, the new version of the malware has been upgraded with more dangerous features, allowing it to attack Facebook Ads Manager accounts and steal credit card data stored in the browser.

Accordingly, the Python NodeStealer malware will copy the browser's Web Data database, which stores sensitive information such as autofill information and payment methods. It will then use Python's SQLite3 library to extract credit card information from this database.

Notably, this malware also takes advantage of Windows' reboot manager to unlock database files, thereby easily stealing data without being detected.

Experts believe that the Python NodeStealer malware was developed by a group of hackers in Vietnam. Their goal is to hijack verified Facebook accounts to carry out malicious advertising campaigns.

Experts also recommend that Facebook users be vigilant, not click on suspicious links, and regularly check their account security. They should use strong passwords and enable two-factor authentication to better protect their accounts.