Connect with us

Hi, what are you looking for?

HEADLINES

Malware generates fake ‘follows’ and ‘likes’ on social media

A malware has been stealing HTTP cookies to perform fraudulent actions on Facebook, Twitter, Instagram, YouTube and other sites, which include generating non-legitimate “follows”, “views” and “likes.”

Known as the Linux/Moose, the malware primarily targets Linux-based consumer routers and infect other Linux-based embedded systems. Once infected, the compromised devices are used to steal unencrypted network traffic and offer proxying services for the botnet operator.

“Linux/Moose is a novelty when you consider that most embedded threats these days are used to perform DDoS attacks,” explains Olivier Bilodeau, Malware Researcher at ESET.

According to ESET researchers, this type of malware has the capabilities to reroute DNS traffic, which enables man-in-the-middle attacks from across the Internet. Moreover, the threat displays out-of-the-ordinary network penetration capabilities compared to other router-based malware.

Advertisement. Scroll to continue reading.

Moose also has DNS hijacking capabilities and will kill the processes of other malware families competing for the limited resources offered by the infected embedded system.

“Considering the rudimentary techniques Moose employs to gain access to other devices, it seems unfortunate that the security of embedded devices is not taken more seriously by vendors. We hope that our efforts will help them to better understand how malicious actors are targeting their devices,” concludes Bilodeau.

You May Also Like

HEADLINES

The exploit, discovered by Kaspersky’s Global Research and Analysis Team (GReAT), required no user interaction beyond clicking a malicious link and demonstrated exceptional technical...

HEADLINES

At the end of 2023, Sophos X-Ops noted a significant increase in ‘remote encryption’ attacks – where ransomware attackers breach a compromised and often...

HEADLINES

With the launch of KATA 7.0, organizations can now benefit from enhanced Network Detection and Response (NDR) capabilities with deeper network visibility, internal threats...

HEADLINES

In 2024, Globe blocked 3,096 child pornography domains or those containing child sexual abuse and exploitation materials (CSAEM), a slight increase from 3,047 domains restricted...

HEADLINES

During a recent webinar on Building Resilience Against Online Scams, hosted by fiber broadband and technology provider Converge ICT Solutions Inc., its Chief Executive...

HEADLINES

In 2024, Kaspersky restructured its Partner Program into four key partner types, recognizing the diverse profiles within its network – from traditional resellers and...

White Papers

The study tested 2,000 UK and US consumers, exposing them to a series of real and deepfake content. The results are alarming: only 0.1%...

HEADLINES

Deepfakes pose significant threats and risks, with nearly half of companies worldwide reporting incidents in 2024, according to industry reports. HONOR’s innovative solution immediately...

Advertisement