advertisement
Facebook Instagram Linkedin Youtube Spotify
Search
Close this search box.
Facebook
X
LinkedIn
WhatsApp
Reddit

These Facebook ads will actually steal your passwords – watch out

  • Hackers are using paid-for Facebook ads to trick people into downloading a virus.
  • This virus, SYS01, can steal your passwords and other private information once downloaded
  • Watch out for ads purported to offer free downloads of popular video games, Windows Themes and programmes like Office and Photoshop.

Hackers are now luring people on Facebook with ads in order to gain access to Windows PCs and steal user passwords.

According to Bleeping Computer, cybercriminals are promoting fake Windows theme changers, applications and videogame on ads on the platform, which then lead you to a webpage with a download button. Once downloaded, users inadvertently allow a password stealing malware right into their PCs.

It will download an archive or ZIP file called “Awesome_Themes_for_Win_10_11.zip”, or “Adobe_Photoshop_2023.zip” if it was PhotoShop, but instead of these actually programmes what you end up downloading is a file called SYS01 – a password stealing malware, that sends information automatically to hackers.

These passwords can then be used to launch attacks like the National Health Laboratory Service (NHLS) earlier this month, but most will likely target your personal finances, or will sell your information on the dark web.

The malware campaign was first picked up by researchers at Trustwave, who say that while using online advertising to trick users with information-siphoning malware is an old method, using Facebook as the platform – with its billions of users – provides an even larger risk.

Dodgy adverts containing malware. Image sourced from Trustwave.

Hackers are buying ad-spots on Facebook across a number of different profiles, offering free games like FIFA 23, Call of Duty, Tekken 8, and others. They also include cracks for programmes like Microsoft Office and PhotoShop “completely free.”

“The threat actors assume the business identity by renaming the Facebook pages, this allows them to leverage the existing follower base to amplify the reach of their fraudulent advertisement significantly,” reads the report from Trustwave.

The cybersecurity firm says that these pages originate mostly in Vietnam and the Philippines and take names like blue-softs, xtaskbar-themes, newtaskbar-themes, and awesome-themes-desktop, with at least 15 700 dodgy ads seen by Trustwave across the campaigns at different times.

Watch out for ads on Facebook offering free services for programmes you know you have to pay for and keep away from new Windows Themes adverts on the social media platform. Above all, do not download anything from a source you don’t trust and make sure your antivirus software is up to date, if you have.

[Image – Photo by Solen Feyissa on Unsplash]

advertisement

About Author

More
Luis Monzon

Luis Monzon

Writer/journalist for HTXT. Beats are education and consumer tech. Reach me at Luis@HTXT.co.za.
advertisement

Related News

Digitalisation can help fix Home Affairs but it’s not a silver bullet

Cybersecurity pushes scammers back to the phone lines

1 in 4 WiFi hotspots in Paris vulnerable says cybersec firm

Telegram is still a criminal haven

Phishing isn’t an Olympic sport, but that’s not stopping cybercriminals

Surfshark’s latest product is a digital burner phone

advertisement
Facebook Instagram Linkedin Youtube Spotify
Hypertext is one of South Africa’s leading technology news and reviews sites. We publish original content daily for consumers and businesses.
All original words & media by Hypertext by htxt.media are licensed under a Creative Commons Attribution-NonCommercial-ShareAlike 4.0 International License. Permissions beyond the scope of this license may be available at Hypertext. Where images and material are supplied by rights holders outside of htxt.media, original publishing licences are indicated and unaffected.
Click here to suggest a story.
Click here for advertising.
© 2024. All rights reserved by HTXT.