Album Stealer Malware, RMM Software Attacks & Vulnerability Exploits Trending in the Wild
Dark Roast Intelligence | February 1, 2023
Welcome to this week’s edition of Dark Roast Intelligence. In this article, you’ll find an overview of Album Stealer, a recent malware campaign targeting Facebook users; a warning issued by CISA (Cybersecurity and Infrastructure Security Agency); and a few vulnerabilities that are trending due to exploits recently seen in the wild.
Album Stealer Malware
Earlier this month, a security vendor, Zscaler, discovered a new variant of information-stealing malware targeting Facebook users. The malware, dubbed Album Stealer, uses fake Facebook profiles to lure victims into downloading malicious files from the page. The files are disguised as a photo album of adult content, but when downloaded, the images begin performing malicious activity in the background.
Like many info-stealer variants, Album Stealer uses techniques to evade detection, including DLL side-loading, which leverages legitimate software to execute malicious DLLs. Executing these DLLs continues the attack chain: registry keys are created to maintain persistence, and executables are launched to install the stealer and communicate with the Command…