There is one type of malware revolving around the web now that could dupe almost anyone. Zscaler ThreatLabz team, a global team composed of security experts, researchers, and network engineers, discovered the new type of malware known as Win32.PWS.FFDroider or, in a shorter term, FFDroider – since it creates a registry key as FFDroider. The novel windows-based malware can send stolen credentials and cookies to a Command & Control server.

According to the Zscaler ThreatLabz team, the newly discovered malware mimics the widely used messaging app Telegram. After having access to the person’s machine or PC, the FFDroider starts executing the attack by stealing cookies and credentials from a browser, including Google Chrome, Mozilla Firefox, Internet Explorer, and Microsoft Edge. Using the stolen cookies, FFDroider will sign into the person’s social media platforms to extract account information that will be used to steal more personal or sensitive information.

Moreover, the Zscaler ThreatLabz team reports that it will show fake ads to trick individuals into entering their sensitive information, leading to further attacks. The group says it is most prominent on Facebook. But aside from the said platform, users from Instagram and Twitter and e-commerce sites like Amazon, eBay, and Etsy can also be targeted. Once the information is stolen from the individual, the criminals can use it to obtain money.

With this, everyone is encouraged to be more observant with where they will download the Telegram application and set up primary security protections, such as keeping the computer software updated and using two-factor authentication for social media accounts.

Comments