The phenomenon of attacks phishing disseminated via Facebook Messenger It’s certainly nothing new but, apparently, this type of threat is reaching worrying proportions, to say the least.
The campaigns, in this sense, present a simple but at the same time effective modus operandi. We talk about RAR archives o ZIP offered to potential victims. A downloader based on is included in these archives Pythoncapable of stealing cookie e stored passwords in browsers on the infected hardware.
According to statistics included in the new report by Guardio Labs only one attack out of seventy is successful. If this data may seem reassuring, it is not exactly so: the estimates, in fact, speak of approximately 100,000 accounts attacked every week.
Facebook Messenger and phishing? Corporate accounts in the sights of cybercriminals
Hackers initiate the attack by sending Messenger phishing messages to Facebook business accounts, faking copyright violations or requests for more information about a product.
Once your computer is infected, the malware collects cookies and other data, includes them in a file ZIP (called Document.zip) and sends the content to the attacker, through Telegram o Discord.
In order to be able to act undisturbed, the criminal acts by deleting all cookies from the victim’s device. This is useful for logging out of all accounts, gaining time to take control of some of them (before any password recovery operations).
Since social media companies tend to take time to respond to support email for compromised accounts, cybercriminals have all the technical time to choose how to act and obtain maximum profit.
To avoid disasters, not only for the individual user but for entire companies, it is therefore a good idea to pay close attention to the messages you receive on social networks. Secondly, obviously, a good one security suite can help make your device more secure against these threats.