Avast, discovered business pages of hacked facebook that spread a password stealer called Redline Stealer on this social network. Redline Stealer is a password stealer capable of stealing passwords and downloading malware, which is available for purchase on the darknet, making it difficult to identify a specific person or group hacking these accounts.
business accounts of Facebook have spread suspicious posts. Max Deportes is a Mexican sporting goods store with more than 114,000 followers on its Facebook page. Since August, posts promoting free video game downloads such as Stray and Spider Man have appeared on the business’s Facebook page. sites of the producers of the games.
In addition to the page Max Deportes, Avast is aware of other hacked Facebook Pages posting the same content. Among them is a Brazilian internet service provider called Viu internet with more than 15,000 followers on Facebook.
In addition, Vojtěch Boček provides advice to users on how to protect themselves and avoid this threat.
Be wary of offers that are too good to be true: The posts promote free access to content that would otherwise be paid for, which is a red flag. Cybercriminals try to entice people to download and run malicious files by offering them as free and desirable.
Check the resources: Users should be wary of posts promoting free downloads of games or software that do not match the content normally posted by Facebook accounts.
Download from a trusted source: Users who are interested in downloading a game or software should do so from a trusted source, such as the producer of the software directly or a trusted distribution service.
Report scams: Report a scam or suspicious post on the social network directly and alert your friends and family who may be interested in such posts.
Use security software: A cybersecurity tool, like an antivirus, acts like a safety net, protecting even the most cautious users. Avast Antivirus protects users by blocking malware distributed by these posts.
Use strong passwords: Strong passwords protect accounts from hackers. Ideally, passwords should be between 15 and 20 characters long and include a mix of upper and lower case letters, as well as special characters.
Use two-factor authentication: Two-factor authentication requires users to enter a second code along with their username and password, which is usually sent to a mobile number or email address. Two-factor authentication can also serve as an alert system when someone is trying to get into the account.
Check the suspicious charges: Regularly check bank statements. Hackers who access an account with credit card information can use it to make purchases or payments.