Tag

Ov3rstealer

All articles tagged with #ov3rstealer

cybersecurity · 1 year ago

"Facebook Ads Spreading Ov3r_Stealer Malware to Steal Crypto and Credentials"

A new password-stealing malware called Ov3r_Stealer is being spread through fake job ads on Facebook, leading users to a Discord URL where a PowerShell script downloads the malware payload from a GitHub repository. The malware, discovered by Trustwave, targets a wide range of apps and attempts to steal account credentials and cryptocurrency. It establishes persistence on infected computers and sends stolen data to a Telegram bot every 90 minutes. Trustwave has found links between the malware and specific usernames in software cracking forums and notes code similarities with another stealer, Phemedrone. The nationality of the threat actor behind Ov3r_Stealer remains inconclusive.

cybersecurity · 1 year ago

"Facebook Job Scam Spreads Ov3r_Stealer Malware to Steal Crypto and Credentials"

Fake Facebook job ads are being used to distribute a new Windows-based stealer malware called Ov3r_Stealer, designed to steal credentials and crypto wallets. The malware is spread through a weaponized PDF file shared on fake Facebook accounts and ads, ultimately leading to the execution of a PowerShell loader from a GitHub repository. Similarities with another stealer called Phemedrone suggest that Ov3r_Stealer may be a re-purposed version of it. Threat actors are observed sharing news reports about the malware to build credibility for their malware-as-a-service business. This comes amidst reports of threat actors advertising access to law enforcement request portals and the emergence of infections leveraging cracked software to drop information stealers, crypto miners, and ransomware.