Troubling malware threat spreading on Facebook and Twitter

Troubling malware threat spreading on Facebook and Twitter

Don't be duped by this dark side of social media called 'Malverposting'

by Jenna Roach

A new kind of malware attack is spreading like wildfire on social media including Facebook and through posts on Twitter. There have already been an estimated 500,000 infections worldwide according to researchers at Guardio Labs.

More recently, there is a noticeable surge of fake campaigns on social media sites like Facebook and Twitter where infected promoted posts and ads are deliberately posted to install malware when you click on them.

This new troubling method of spreading malware is known as ‘Malverposting’.  Here’s what we know about it.

 

What is Malverposting?

Malverposting is when someone uses promoted social media posts and tweets to spread malicious software and other security threats.  The way these scammers work is by paying for ads that will boost their malicious posts so that more people see them and then fall for their malware scam.

Many of these posts contain content that will bait you into believing that it’s real. Some will be fake ads for clothing or electronics being sold for super cheap prices, while others will try to convince you to invest in a fake scam or download an app that is actually fake.

Credit: Guardio

 

What are some popular Malverposting campaigns happening now?

One particular campaign that has been gaining traction over the last few months is happening on Facebook. It works by creating new fake business profiles and also hijacks real profiles that have large followings. With these profiles, it overwhelms people’s Facebook feeds with malicious click-bates promising adult-rated photo album downloads for free.

When a victim clicks on the post from this campaign, a malicious ZIP file is downloaded to their computers. The ZIP file contains tons of “photos” that, when clicked, will initiate the process of releasing malware onto the device being used.

2-ZIP FILE MALWARE

Credit: Guardio

 

The malware will then secretly copy the user’s sessions, cookies, accounts, crypto-wallets, and more and send the information from their computer or device to the scammer without the user’s knowledge. This can severely hurt the users who fall for the bait, and it also deeply hurts the legitimate business profiles whose information gets compromised and essentially halts their business from flourishing in a social media setting.

 

MORE: HOW SCAMMERS ARE SELLING COUNTERFEIT STAMPS ON FACEBOOK ADS 

 

How can I protect myself if this is happening all over social media?

There are a few steps you can take to make sure that you do not fall for a fake scam on social media. Here are some of my tips:

Look closely at the language of the post.

The language of a post is a lot more important than you think. If you look closely and notice that a post is trying very hard to push a product on people by using insanely low prices that won’t be found anywhere else (like a laptop being sold for $20 for example), then that’s a huge red flag for a scam.

Stop if you see urgent messages from a “friend” asking for money.

It could be a hacker behind that post pretending to be your friend.

Check out a company before you buy.

Do a quick online search for the store’s name and look for reviews and complaints from other customers. You should also check the Better Business Bureau website to see if the store has a rating or any complaints. If you see a lot of negative reviews and comments, don’t trust them.

Don’t deal with a vendor requiring cryptocurrency, gift card, or wire transfer payment.

That’s sure to be a scam.

Have good antivirus software on all your devices.

This story is also another reminder to always have good antivirus software running on your devices, as these social media scams can entail the victim clicking a fake post. Antivirus software on your devices will ensure you are stopped from clicking on any potential malicious links in social media posts.

Special CyberGuy deal:  My #1 pick is TotalAV: $19 your first year (80% off) for the TotalAV Antivirus Pro package. 

Find my review of Best Antivirus Protection here.

Best Antivirus Protection

 

Is Facebook doing anything about this?

The team at Guardio did reach out to Meta (the parent company of Facebook) to make them aware of these alarming facts.  According to the security group, Meta’s research and engineering teams are actively working to stop the propagation on their ad network.

Have you noticed any malware scams on social media lately? Comment below.

 

Have you noticed any malware scams on social media lately? Let us know by commenting below.

FOR MORE SECURITY ALERTS LIKE THIS, SUBSCRIBE TO MY FREE CYBERGUY REPORT HERE 

 

Related:

 

 

Copyright 2024 CyberGuy.com.  All rights reserved.  CyberGuy.com articles and content may contain affiliate links that earn a commission when purchases are made.


   

Leave a Comment

GET MY FREE CYBERGUY REPORT
Subscribe to receive my latest Tech news, security alerts, tips and deals newsletter. (We won't spam or share your email with anyone else.)

By signing up, you agree to our Terms of Service and Privacy Policy. You may unsubscribe at any time.

Tips to avoid our newsletters going to your junk folder