Threat Actors Deploy Malvertising Campaigns to Hijack Facebook Users’ Accounts

Cybercriminals are using social media platforms, particularly Facebook, to conduct malvertising campaigns and steal personal data. One specific campaign involves the abuse of Meta's ad network to deliver malicious ads to unsuspecting users. The attackers use hijacked Facebook accounts and create multiple profiles featuring photos of young women to entice users to click on infected links. Clicking on the ads downloads a malicious file that steals browser cookies and passwords. The campaign has potentially reached 100,000 users, with the most impacted demographic being males aged 45 and above. The malware being used, called NodeStealer, is an info-stealer that has been updated to target additional platforms and steal crypto wallet balances. Users are advised to use security solutions, stay vigilant, and avoid clicking on suspicious links or downloading media files from untrusted sources.