New Updated CopperStealer Malware Hijacks Apple, Facebook, and Google Account Data!

Investigators have spotted malware that is distributed through fake software crack sites and targets users of popular service platforms, including Amazon, Apple, Facebook, and Google.

The malware, named CopperStealer, is an actively developed password and cookie stealer, and its downloader feature lets operators deliver additional payloads to the infected device.

The attackers behind this malware use the compromised accounts to run malicious ads and deliver additional malware.

How Dangerous Is This Malware?

According to security experts, this malware targets Facebook, Instagram, and other advertising accounts, and it is also capable of targeting users of other popular social networking and eCommerce services, including Bing, Google, PayPal, Apple, Twitter, Tumblr, Amazon, and many others.

The malware exfiltrates passwords stored in the Google Chrome, Microsoft Edge, Firefox, Yandex, and Opera browsers. It also retrieves the victim's Facebook User Access Token and steals cookies, which it uses to collect additional context, including the list of friends and other advertisement information listed on the Facebook page.

The malware additionally includes CopperStealer's downloader, which delivers the Smokeloader backdoor and a wide range of other payloads downloaded from specific URLs.

The experts added that CopperStealer is not the most dangerous credential and account stealer; it works with the basics, but its overall impact is large.

How Is the Malware Distributed Using Fake Sites?

The sites distributing CopperStealer include keygenninja[.]com, startcrack[.]com, crackheap[.]com and piratewares[.]com.

The experts worked closely with Cloudflare and other service providers, which set up interstitials for the various domains that warn visitors of their malicious behavior.

The sites were also sinkholed, which revealed connections tied to ongoing attempts to deliver the malware and other potentially unwanted programs (PUP and PUA software).

In 24 hours of operation, the malware generated more than 69,992 HTTP requests from 5,046 unique IP addresses originating in 159 different countries, representing 4,655 unique infections.
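
As an added example (not part of the original article or the researchers' tooling), the following Python code refangs the four distribution domains listed above and checks web proxy log lines for requests to them or to their subdomains. The log layout (time, client, method, URL) and the sample lines are constructed assumptions.

```python
from urllib.parse import urlsplit

# Distribution sites named in the article, in the defanged form it prints them.
DEFANGED = ["keygenninja[.]com", "startcrack[.]com",
            "crackheap[.]com", "piratewares[.]com"]

def refang(indicator):
    """Turn 'example[.]com' back into a hostname that can be matched."""
    return indicator.replace("[.]", ".").lower().rstrip(".")

BLOCKLIST = {refang(d) for d in DEFANGED}

def host_of(url_or_host):
    """Lower-case hostname from a full URL or a bare host[:port] (CONNECT)."""
    prefix = "" if "://" in url_or_host else "//"
    return (urlsplit(prefix + url_or_host).hostname or "").lower().rstrip(".")

def matched_domain(url_or_host):
    """Return the listed domain the host equals or is a subdomain of, else None."""
    labels = host_of(url_or_host).split(".")
    # Compare whole labels so 'notstartcrack.com' is not a false positive.
    for i in range(len(labels)):
        candidate = ".".join(labels[i:])
        if candidate in BLOCKLIST:
            return candidate
    return None

def scan(log_lines):
    """Return (client, url, domain) hits; assumed layout: time client method url."""
    hits = []
    for line in log_lines:
        parts = line.split()
        # Lines with fewer than four fields are malformed and skipped.
        if len(parts) >= 4 and (domain := matched_domain(parts[3])):
            hits.append((parts[1], parts[3], domain))
    return hits

# Constructed sample proxy log lines (not real traffic).
SAMPLE_LOG = [
    "2021-03-19T10:00:01Z 10.0.0.12 GET http://www.keygenninja.com/download.html",
    "2021-03-19T10:00:05Z 10.0.0.15 GET https://notstartcrack.com/",
    "2021-03-19T10:00:09Z 10.0.0.12 CONNECT StartCrack.com:443",
    "2021-03-19T10:00:12Z 10.0.0.20 GET https://example.org/?ref=crackheap.com",
    "truncated line",
]

if __name__ == "__main__":
    print(*scan(SAMPLE_LOG), sep="\n")
```

Matching on the parsed hostname rather than the raw line keeps a listed domain that only appears in a query string from being reported as a visit.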

CopperStealer is similar in its targets and delivery methods to the SilentFade malware, which hijacks browser cookies and promotes malicious advertisements using compromised Facebook accounts, affecting around $4 million users.

Credentials make the world go round when it comes to threats, and this malware shows the lengths to which attackers go to steal valuable credential data. The malware also goes after logins for big service providers, including social media and search engine accounts, while spreading additional malware for other attacks.

Account-stealing malware like this is among the most dangerous malware, working behind impersonation attacks and identity fraud.

Users are advised to turn on two-factor authentication immediately to add a layer of protection against these attacks.
