Album Stealer Seeks to Compromise Facebook Accounts
Album Stealer is a type of malware that masquerades as an album of explicit photographs of women. It is spread through Facebook, where victims are tricked into downloading the malicious archive. Once extracted, they are presented with the promised photos as a distraction while the infection chain progresses. This stealer targets browsing-related data and log-in credentials, particularly those related to Facebook accounts. It uses a side-loading technique to execute malicious DLLs in order to avoid detection.
Album Stealer is a form of information-stealing malware that disguises itself as an album containing explicit images of women. It is distributed via Facebook, where unsuspecting users are enticed into downloading the malicious archive. Upon extraction, they are presented with the promised pictures as a decoy while the infection chain continues its course. This stealer focuses on collecting browsing data and login credentials, particularly those associated with Facebook accounts. To evade detection, it utilizes a side-loading technique to launch malicious DLLs.
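The side-loading step leaves a recognizable trace in image-load telemetry: an executable running from the folder where an archive was extracted loads an untrusted DLL that sits next to it. The sketch below is an added example, not code from the original article. It assumes events shaped like Sysmon Event ID 7 (Image, ImageLoaded, Signed, SignatureStatus), and every path and file name in the sample data is constructed.

```python
"""Added example: flag likely DLL side-loading in image-load telemetry."""
from pathlib import PureWindowsPath

# Directories a user can write to, where an extracted archive usually lands.
USER_WRITABLE = ("\\downloads\\", "\\desktop\\", "\\appdata\\", "\\temp\\")


def is_user_writable(path: str) -> bool:
    lowered = path.lower()
    return any(marker in lowered for marker in USER_WRITABLE)


def sideload_findings(events):
    """Return (process, dll) pairs where a process loaded an untrusted DLL
    located next to its own executable inside a user-writable directory."""
    findings = []
    for ev in events:
        exe = PureWindowsPath(ev["Image"])
        dll = PureWindowsPath(ev["ImageLoaded"])
        if dll.suffix.lower() != ".dll":
            continue
        same_dir = str(exe.parent).lower() == str(dll.parent).lower()
        trusted = (ev.get("Signed") == "true"
                   and ev.get("SignatureStatus") == "Valid")
        if same_dir and is_user_writable(str(dll)) and not trusted:
            findings.append((exe.name, dll.name))
    return findings


# Constructed sample events (hypothetical paths and names, not real indicators).
SAMPLE_EVENTS = [
    {"Image": r"C:\Users\ana\Downloads\Album\viewer.exe",
     "ImageLoaded": r"C:\Users\ana\Downloads\Album\helper.dll",
     "Signed": "false", "SignatureStatus": "Unavailable"},
    {"Image": r"C:\Users\ana\Downloads\Album\viewer.exe",
     "ImageLoaded": r"C:\Windows\System32\kernel32.dll",
     "Signed": "true", "SignatureStatus": "Valid"},
    {"Image": r"C:\Program Files\App\app.exe",
     "ImageLoaded": r"C:\Program Files\App\lib.dll",
     "Signed": "false", "SignatureStatus": "Unavailable"},
    {"Image": r"C:\Users\ana\AppData\Local\Tool\tool.exe",
     "ImageLoaded": r"C:\Users\ana\AppData\Local\Tool\tool_core.dll",
     "Signed": "true", "SignatureStatus": "Valid"},
]

if __name__ == "__main__":
    for process, dll in sideload_findings(SAMPLE_EVENTS):
        print(f"possible side-load: {process} loaded {dll}")
```

The heuristic is deliberately narrow: it produces a triage lead rather than a verdict, since portable applications legitimately ship unsigned DLLs alongside their executables.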
What information does Album Stealer target?
Album Stealer is an insidious form of malware that pretends to be an album filled with explicit photographs of women in order to spread itself. Victims are lured into downloading this malicious archive from Facebook and, upon extraction, they are presented with the promised images as a distraction. Meanwhile, the infection chain continues to run in the background, targeting browsing-related data and log-in credentials, particularly those related to Facebook accounts.
It collects cookies and credentials from browsers, which are then used to access the Facebook Graph API, Ads Manager, and Business accounts. Specifically, it targets the victim's Business account ID, name, creation time, verification status, roles allowed, extended credits, billed amounts, billing periods and more. It is likely that future versions of Album Stealer will have additional capabilities as malware creators continue to refine their creations.
Why are infostealer malware apps a big threat to your data and privacy?
Infostealer malware apps are a major threat to data and privacy because they are designed to acquire sensitive information from unsuspecting victims. These malicious programs can collect cookies and credentials from browsers, which can then be used to access the Facebook Graph API, Ads Manager, and Business accounts. This means that the attacker has access to personal information such as account IDs, names, creation times, verification statuses, roles allowed, extended credits, billed amounts, billing periods and more. Furthermore, these apps can be constantly updated with new features that allow them to steal even more data. As a result, it is important for users to take steps to protect their data and privacy by using strong passwords and two-factor authentication whenever possible.