Facebook has claimed that the malware is a Chinese sponsored sophisticated campaign stealing millions.
SilentFade is a shorter version of Silently running Facebook Ads with Exploits. The malware can steal Facebook credentials and web browser cookies. The malware helped hackers siphon $ 4 million from user’s advertising accounts.
According to researchers the hackers used the malware to gain access of the user accounts. After obtaining the access of user accounts, hackers started buying ads on behalf of the users. Researchers have claimed that malware operations were noticed in December 2018 when suddenly there was an increase in suspicious traffic around several Facebook endpoints.
During their investigation, Facebook’s team identified various interesting techniques that the malware used for compromising user accounts. The main objective was to commit ad fraud, and run ad campaigns, sometimes as pharmaceutical pills ads and fake celebrity endorsements.
This was a multi-stage malware scheme in which a Windows trojan was used to infect computers. Within a few months hackers were able to buy ads worth $4 million. SilentFade involved multiple evasion techniques, it can detect virtual machines and disable Facebook notification alerts on hijacked accounts.
Facebook claims that financial data like credit card numbers or bank account details were safe because Facebook never exposes them through its desktop website or the Graph API. NPAV recommends users to immediately change their passwords for respective Facebook and all other accounts.
Gaining the access of such sensitive information can allow hackers to launch several cyber attacks. Various phishing attacks for credential stealing and planting backdoor can be launched by hackers by using this information.
Install NPAV on your devices to keep them protected from all kinds of cyber attacks. Use NPAV and join us on a mission to secure the cyber world.