A new phishing operation is using a “swarm of fake and hijacked personal accounts” to spread messages with malicious attachments over Facebook Messenger, with the ultimate goal of gaining control of the targets’ accounts.
This campaign, which once more has its roots in a Vietnam-based organization, “uses a tiny compressed file attachment that packs a powerful Python-based stealer dropped in a multi-stage process full of simple yet effective obfuscation methods,” according to research by Guardio Labs researcher Oleg Zaytsev.
These attacks, known as MrTonyScam, lure potential victims with messages that tempt them to click on the attached RAR and ZIP archive files. Doing so triggers the deployment of a dropper that downloads the subsequent stage from a GitHub or GitLab repository.