This Windows malware aims to steal your social media passwords

Share on facebook
Share on twitter
Share on linkedin
Share on reddit

Cybersecurity researchers at Zscaler are warning about malware dubbed FFDroider that is designed to steal usernames and passwords, along with cookies from infected Windows computers. 

FFDroider is mainly focused on stealing login credentials for social media websites, including Facebook, Instagram and Twitter, but it also steals passwords for Amazon, eBay and Etsy accounts. The malware can steal cookies from Google Chrome, Mozilla Firefox, Internet Explorer and Microsoft Edge browsers. 

The information stolen by the trojan malware can be used to take control of accounts, steal personal information, commit fraud against victims, and could also provide attackers with a means of hacking other accounts if the same email and password is used to access them. 

ZDNet Recommends

Zscaler said it has observed “multiple” campaigns related to FFDroider, which are all connected to a malicious program embedded in cracked version of installers and freeware.

SEE: A winning strategy for cybersecurity (ZDNet special report)

To avoid being detected after installation, the malware disguises itself as messenger application Telegram – although users who aren’t Telegram users might wonder why folders claiming to be that app have appeared. 

Once installed on a system, the malware monitors the actions of the victim and – when they enter their username and password into the specified social media platforms – the information is stolen. FFDroider also steals cookies and saved login credentials from the browser. 

If stolen social media account credentials are linked to a business account, the malware also seeks out billing information, potentially enabling

Read more

Explore the site

More from the blog

Latest News