Topic: FFDroider Stealer: New malware stealer (Read 127 times)

hero member
Activity: 2520
Merit: 952
April 09, 2022, 09:53:48 PM
#8
different names but it always boils down to same cause.
legendary
Activity: 2576
Merit: 1655
April 08, 2022, 10:32:47 AM
#7
I use a torrent downloader on my smartphone to download movies only and that's through yts movies only which I believe is a secured movie download website, it's more dangerous to use your PC to download games, movies, music with utorrent or other, can't remember how many times I've formatted my PC because of this, many strange things will start happening on the PC after a few torrent downloads.

Nah, I don't think that there is this so-called secured movie download. You can't just trust anything on the net, especially movies, cracked software and anything that is free. Of course, everyone has gone through those stages of downloading, but if you get yourself involved in crypto, you will learn so many security hygiene practices that you wouldn't touch any warez or torrent sites, at least in my case.
legendary
Activity: 3234
Merit: 5637
April 08, 2022, 10:27:24 AM
#6
In general, it is better to use a hardware wallet if you do not have a technical background or air gapped pc.

If we are to be honest, someone who is naive enough to allow this kind of malware to be installed on his computer will not (in many cases) be able to protect himself even if he uses a hardware wallet. There are already seed stealers who in a very trivial way ask users to enter their seed because their hardware wallet is in danger, and one who does not understand how the whole thing works will become a victim sooner or later.

I can’t say I haven’t used cracked OS and software before, and downloaded various media files - but at a time when there are so many streaming platforms, legal IPTV, satellite TV, and legal software are relatively cheap, I don't see why risking this kind of malware for a few $ savings.
member
Activity: 208
Merit: 10
April 08, 2022, 04:14:21 AM
#5
I use a torrent downloader on my smartphone to download movies only and that's through yts movies only which I believe is a secured movie download website, it's more dangerous to use your PC to download games, movies, music with utorrent or other, can't remember how many times I've formatted my PC because of this, many strange things will start happening on the PC after a few torrent downloads.
legendary
Activity: 2338
Merit: 10802
There are lies, damned lies and statistics. MTwain
April 08, 2022, 04:11:58 AM
#4
One relevant aspect to further mention, as per the article, is that this malware, once installed, disguises itself as Telegram on the device, allegedly in order to avoid detection. The article, however, does not detail how this actually works. I’ve read one additional article claiming that it actually creates a desktop icon that resembles Telegram, but no further details are provided.

It also even tries to upgrade itself, thus potentially extending the scope at any given point in time, and the fact that it steals credentials (i.e. from those stored in Chrome) is a clear sign that it could just as well extend to stealing crypto passwords.
legendary
Activity: 2702
Merit: 4002
April 08, 2022, 04:10:27 AM
#3
This malware targets social media like Twitter, Facebook and Instagram.
Perhaps this is an additional reason that pushes you to stop using "social media," most of the social media have turned into tools for collecting information, so it is better to try to reduce their use if not stop visiting them.

Connecting your device that contains a wallet to the Internet is enough reason to put a bug in your security, let alone download random applications or that gives you a “free” subscription.

In general, it is better to use a hardware wallet if you do not have a technical background or air gapped pc.
hero member
Activity: 2268
Merit: 789
April 08, 2022, 03:53:19 AM
#2
Almost all hacks and scams start from somewhere and some external action made by a person, like downloading stuff from risky websites such as torrents, etc.

If a person downloads something on the internet, he/she runs into the risks of injecting malware to his laptop/PC. That is why, everyone must truly exercise caution in surfing the web. Another thing, it is also advisable that you keep a separate repository of your coins to the laptop/PC that you are using in the event that you get hacked. That is why, almost everyone has a hardware wallet to keep their respective coins safe.

Nonetheless, this is really informative, OP. Everyone should be careful on what you download on the internet given that scams nowadays are very rampant.
hero member
Activity: 2660
Merit: 551
April 08, 2022, 03:22:03 AM
#1
Another reason not to use the machine that you use for crypto-related things to download cracked software, torrents, and other supposedly free software and games. Why? Because there is a new stealer malware. This malware targets social media like Twitter, Facebook and Instagram.

And this malware is known as FFDroider Stealer.

Attack cycle:



Key features of this attack:

Quote
- Steals cookies and credentials from the victim’s machine.
- Targeting social media platforms to steal the credentials and cookies.
- The stealer signs into victims' social media platforms using stolen cookies, and extracts account information like Facebook Ads-manager to run malicious advertisements with stored payment methods and Instagram via API to steal personal information.
- Leverages inbound whitelisting rules in Windows Firewall allowing the malware to be copied at desired location.
- Attacker uses iplogger.org to track the infection counts.

Target Browsers:

Quote
- Google Chrome
- Mozilla Firefox
- Internet Explorer
- Microsoft Edge

So what does this mean for us crypto enthusiasts? Well, we have seen such attacks in the past: these criminals take over individual social media accounts, especially those that have a lot of followers, to run their crypto scams, so everyone should be careful.

For a detailed technical explanation you can read it here: https://www.zscaler.com/blogs/security-research/ffdroider-stealer-targeting-social-media-platform-users
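
A defender's triage sketch for two behaviours in the quoted feature list (a lookup of iplogger.org and a newly added inbound Windows Firewall allow rule), as an added example that is not part of the original post or the linked write-up. The log format, host names and file paths are constructed for illustration.

```python
import re
from collections import defaultdict

TRACKER = "iplogger.org"  # domain named in the quoted feature list

# Constructed sample telemetry (hypothetical format): "timestamp host kind detail"
SAMPLE_EVENTS = """\
2022-04-08T03:10:02Z WS-01 dns www.example.com
2022-04-08T03:10:05Z WS-02 dns IPLogger.org.
2022-04-08T03:10:09Z WS-02 fw_rule_add dir=in action=allow program=C:\\Users\\alice\\Videos\\setup.exe
2022-04-08T03:11:40Z WS-03 dns notiplogger.org
2022-04-08T03:12:01Z WS-03 dns iplogger.org.cdn.example.net
2022-04-08T03:12:30Z WS-04 fw_rule_add dir=in action=allow program=C:\\Program Files\\Backup\\agent.exe
2022-04-08T03:13:00Z WS-05 dns a.b.iplogger.org
2022-04-08T03:13:10Z WS-05 fw_rule_add dir=out action=allow program=C:\\Tools\\sync.exe
"""

FW_RULE = re.compile(r"dir=(?P<dir>\w+) action=(?P<action>\w+) program=(?P<program>.+)")

def is_tracker_domain(name, tracker=TRACKER):
    """True for the tracker domain or any subdomain; rejects lookalikes."""
    name = name.strip().rstrip(".").lower()  # normalise case and trailing root dot
    return name == tracker or name.endswith("." + tracker)

def triage(log_text):
    """Return {host: set of signals} for hosts showing either behaviour."""
    signals = defaultdict(set)
    for line in log_text.splitlines():
        parts = line.split(maxsplit=3)
        if len(parts) != 4:
            continue  # skip malformed lines
        _ts, host, kind, detail = parts
        if kind == "dns" and is_tracker_domain(detail):
            signals[host].add("tracker_lookup")
        elif kind == "fw_rule_add":
            m = FW_RULE.fullmatch(detail)
            if m and m["dir"] == "in" and m["action"] == "allow":
                signals[host].add("inbound_allow_added")
    return dict(signals)

def high_priority(signals):
    """Hosts with both signals; either one alone is common for benign software."""
    both = {"tracker_lookup", "inbound_allow_added"}
    return sorted(h for h, s in signals.items() if s == both)

if __name__ == "__main__":
    print(high_priority(triage(SAMPLE_EVENTS)))
```
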