“This appears very widespread and growing,” the research team told TechCrunch. “We classified this as an ongoing malicious campaign with the threat actors actively marketing it as ‘Facebook Password Stealer’ or, more innocuously, ‘Facebook Password Recovery.’ “The attackers also seem to be sophisticated marketers who understand there is potentially big demand for the purported service and are distributing the sample via Spam, Ad campaigns, Pop-ups, Bundled Software, Porn sites and also some times as a standalone software.” The malware campaign lures the victims who are seeking the software for hacking into other people’s Facebook accounts. Once the victim clicks the “hack” button, it downloads and runs, and also drops a remote access Trojan (RAT) in the background. Currently, the password stealing malware is only limited to Windows PC users, although it’s not uncommon to see similar malware targeting mobile users, the researchers said. “The target market goes beyond a typical hacker subset (if there is such a thing) and targets the general user who may be tempted to get inside someone’s Facebook account (friends, enemies, significant others, et al.),” the researchers told TechCrunch. “While there have been methods and apps offering Facebook hacks, this specific malicious campaign which uses the promise of easy Facebook password theft as bait is completely new.” Source: TechCrunch
