Don’t Open Any Files Received from Unknown Sources: NodeStealer Malware Attacks Continue
It has been reported that Facebook business accounts are being attacked with a variant of the Python-based NodeStealer malware. Attackers send messages to these accounts to steal the users’ credentials, and the compromised accounts are then supposedly going to be used for other malicious activities.
Read more about it below.
NodeStealer Malware – Beware
NodeStealer first originated as JavaScript malware used to steal credentials and cookies from the victim’s web browser. As of December 2022, another attack revealed a Python version being used for the same purpose. Some of its other Python versions were also reported to have been used to conduct cryptocurrency thefts.
The victims of the current attack wave are mostly from Southern Europe and Northern America, and are mainly accounts of people in the manufacturing services or technology sectors. An image of a defective product is shared along with the malware, and once users click on it, they are directed to a website in their web browser. While the user is distracted by the website, the malware does its job in the background.
Unlike previous versions, the new variant of NodeStealer uses batch files to download and run the Python scripts, which then steal credentials and cookies for multiple websites from different browsers.
It has also been reported that more targeted attacks might take place later; with the credentials already stolen, the attackers have everything they need to take over accounts and continue their misdeeds.
If such a suspicious file is sent to you, whether from a known or an unknown source, always contact the sender and confirm that it is safe before you open it.