The new FFDroider malware is a direct threat to social network users, as it has been designed to steal Facebook, Twitter and Instagram accounts . It is specialized in obtaining as much information as possible, apart from the username and password.
In fact, FFDroider checks if it can enter the social networks whose account it has just stolen in order to collect more data. After accessing the Windows computer, check the files of the Chrome, Edge, Firefox or Internet Explorer browsers to obtain the passwords.
This information is valuable for cybercriminals, for example, to spam on Instagram or to promote various scams from Twitter. Many times, the aim is not to steal the account in the sense of preventing access to its owner, but to carry out fraudulent activity with it without their knowledge.
FFDroider spreads mainly through torrent downloads , such as games, programs or “cracks”, patches that bypass software protections. However, it installs pretending to be the version of Telegram for Windows , which helps it to go unnoticed.
The malware seeks to steal accounts from social networks and e-commerce platforms (Amazon, eBay and Etsy), instead, it does not collect passwords en masse, only from those services that its creators are interested in.
These are the platforms that FFDroider malware attacks:
- Facebook.
- Instagram.
- Twitter.
- Amazon.
- eBay
- Etsy.
- WAX Cloud wallet.
After obtaining the account password, FFDroider logs in to steal as much personal data as possible on different social networks, including entering Instagram and Facebook profile settings. This way you get the name and surnames, email, phone number or the pages that we follow.
In the case of Facebook, it even checks if we have entered payment information for business ads , so that it could carry out fraudulent advertising campaigns at our expense.
In the end, to protect ourselves from FFDroider we must avoid downloading from torrents or other unofficial content and, of course, always be wary of any file from the Internet, as it could contain viruses.
Via: BleepingComputer
