Social media malware campaign from 2016 that has resurfaced in 2021

09th February 2021
Today, February 9, 2021, is Safer Internet Day, and this year it is all about enhancing digital communications and digital transformation. While we celebrate this digitalization, it is also important to understand the perils of the world wide web. The Internet is very convenient and useful, but using it has made our personal data more vulnerable. Cybercriminals primarily make use of social media platforms to target their victims, and the easiest way for them to do this is to show us an ad that we are likely to click on.
According to Kaspersky's recent investigation, a campaign spreading malware via social media, which was run in 2016 by the SilentFade gang, has found its way back to India in 2021. The gang is known to utilize a combination of a Windows trojan, browser injections, clever scripting, and a bug in the Facebook platform, making it a very sophisticated and rare modus operandi to target Facebook's users.
Back in 2016, the purpose of SilentFade's operations was to infect users with the trojan, hijack users' browsers, and steal passwords and browser cookies so as to access their Facebook accounts. Once the cybercriminals had access, the group searched for accounts that had any type of payment method attached to the target's profile. For these accounts, SilentFade bought Facebook ads with the victim's funds. The cybercriminals then promoted their ads through the Facebook advertising platform. Facebook revealed that, despite operating for only a few months, the group managed to defraud infected users of more than $4 million, which it used to post malicious Facebook ads across the social network.
Facebook also said SilentFade was part of a larger trend and a new generation of cybercrime actors that appear to reside in China and have persistently targeted its platform and user base.
Kaspersky experts have recently recorded the Frank rootkit and, after analyzing it, found that it has many similarities to the campaign run by the SilentFade gang. According to Kaspersky's analysis, India ranks first on the list of countries infected by this rootkit, with 603 infections in the last month. Brazil (255 infections) and Indonesia (221) followed in second and third position.
This Safer Internet Day, we encourage internet users in India to think about the technology they use and how they can take steps to make their usage more secure, and the job of the bad guys more difficult.
Here are some Internet safety rules to follow to help you avoid getting into trouble online:
1. Keep Personal Information Professional and Limited: Potential employers or customers don't need to know your personal relationship status or your home address. They do need to know about your expertise and professional background, and how to get in touch with you. You wouldn't hand purely personal information out to strangers individually—don't hand it out to millions of people online.
2. Keep Your Privacy Settings On: Marketers love to know all about you, and so do hackers. Both can learn a lot from your browsing and social media usage. But you can take charge of your information. As noted by Lifehacker, both web browsers and mobile operating systems have settings available to protect your privacy online. Major websites like Facebook also have privacy-enhancing settings available. These settings are sometimes (deliberately) hard to find because companies want your personal information for its marketing value. Make sure you have enabled these privacy safeguards, and keep them enabled.
3. Practice Safe Browsing: You wouldn't choose to walk through a dangerous neighborhood—don't visit dangerous neighborhoods online. Cybercriminals use lurid content as bait. They know people are sometimes tempted by dubious content and may let their guard down when searching for it. The Internet's demimonde is filled with hard-to-see pitfalls, where one careless click could expose personal data or infect your device with malware. By resisting the urge, you don't even give the hackers a chance.
4. Make Sure Your Internet Connection is Secure. Use a Secure VPN Connection: When you go online in a public place, for example by using a public Wi-Fi connection, PCMag notes you have no direct control over its security. Corporate cybersecurity experts worry about "endpoints"—the places where a private network connects to the outside world. Your vulnerable endpoint is your local Internet connection. Make sure your device is secure, and when in doubt, wait for a better time (i.e., until you're able to connect to a secure Wi-Fi network) before providing information such as your bank account number.
5. Be Careful What You Download and Click: A top goal of cybercriminals is to trick you into clicking malicious links and downloading malware. Such links can be shared with you on social media platforms, in emails, etc., and can endanger your private data and devices.
6. Choose Strong Passwords: Passwords are one of the biggest weak spots in the whole Internet security structure, but there's currently no way around them. And the problem with passwords is that people tend to choose easy ones to remember (such as "password" and "123456"), which are also easy for cyber thieves to guess. Select strong passwords that are harder for cybercriminals to crack. Password manager software can help you to manage multiple passwords so that you don't forget them. A strong password is one that is unique and complex—at least 15 characters long, mixing letters, numbers and special characters.
7. Make Online Purchases from Secure Sites: Any time you make a purchase online, especially through ads on social media platforms, you need to provide credit card or bank account information—just what cybercriminals are most eager to get their hands on. Only supply this information to sites that provide secure, encrypted connections. You can identify secure sites by looking for an address that starts with https: (the S stands for secure) rather than simply http:. Such sites may also be marked by a padlock icon next to the address bar.
8. Be Careful What You Post: The Internet does not have a delete key. Any comment or image you post online may stay online forever because removing the original (say, from Twitter) does not remove any copies that other people made. There is no way for you to "take back" a remark you wish you hadn't made, or get rid of that embarrassing selfie you took at a party. Don't put anything online that you wouldn't want your mom or a prospective employer to see.
9. Keep Your Antivirus Program Up To Date: Internet security software cannot protect against every threat, but it will detect and remove most malware—though you should make sure it's up to date. Be sure to stay current with your operating system's updates and updates to applications you use. They provide a vital layer of security.
"These are some of the basic security steps that are cardinal to keep you away from the nefarious cybercriminals. Even though nowadays, social media apps loom larger in most people's daily online interactions than traditional websites do, that does not mean that the basic Internet safety rules have changed. Hackers are still on the lookout for personal information that they can use to access your credit card and bank information," said Dipesh Kaura, General Manager, Kaspersky (South Asia).