Album Stealer Malware, RMM Software Attacks & Vulnerability Exploits Trending in the Wild

Dark Roast Intelligence | February 1, 2023

Katlyn Gallo
Dark Roast Security

Welcome to this week’s edition of Dark Roast Intelligence. In this article, you’ll find an overview of Album Stealer, a recent malware campaign targeting Facebook users, a warning issued by CISA (Cybersecurity and Infrastructure Security Agency), and a few vulnerabilities that are trending due to recently seen exploits in the wild.

Album Stealer Malware

Earlier this month, a security vendor, Zscaler, discovered a new variant of information-stealing malware targeting Facebook users. The malware, dubbed Album Stealer, uses fake Facebook profiles to lure victims into downloading malicious files from the page. The files are disguised as a photo album of adult content, but when downloaded, the images begin performing malicious activity in the background.

Like many info stealer malware variants, Album Stealer uses techniques to evade detection, including DLL side-loading, which leverages legitimate software to execute malicious DLLs. Executing these DLLs continues the attack chain: registry keys are created to maintain persistence, and executables are launched to install the stealer and communicate with the Command…
