How to hack a Facebook account is one the most searched keywords over the Internet and there are if not thousands then hundreds of websites claiming to provide Facebook account hacking service. But are these sites doing what they claim? Not at all.
According to a Twitter user going by the handle of MalwareHunterTeam, a group of cyber criminals is claiming to have developed a “Facebook password stealer.” However, in reality, installing it on your device opens doors for the hackers to not only steal your Facebook password but also other data including personal and financial.
The researchers discovered that the Facebook password stealer software installs a remote access Trojan (RAT) called njRAT (also known as Bladabindi), first discovered in 2012 developed by Arabic speaking criminals. The Microsoft Malware Protection Center has also rated it as “severe”.
A scan on VirusTotal, a Google owned platform helping users and researchers to scan malicious files, documents and URLs shows that 24 anti-virus software discovered that the Facebook Password Stealer installer contains a backdoor infection.
This “Facebook Password Stealer” not only will send your credentials to an actor instead of hacking your target, but installs njRAT also.
? pic.twitter.com/pCRftqBkpF— MalwareHunterTeam (@malwrhunterteam) August 3, 2017
Once the user installs the so called Facebook Password Stealer, they allow attackers to:
Take remote control of the device
Remotely gain access into the victim’s desktop or active window
See the victim’s IP, full computer name, full username, OS, install date, and country
Remotely execute a file from disk or URL
Manipulate files
Open a remote shell, allowing the attacker to use the command line
Open a process manager to kill processes
Manipulate the system registry
Record the computer’s camera and microphone
Log keystrokes
Steal passwords stored in browsers or other applications
Facebook is not the only social media site whose users are continuously targeted by cyber criminals; several silly password stealers are claiming to steal Twitter login credentials as well. However, for unsuspecting users installing such software can end up with them losing their credit card details, social media credentials, personal videos, and images, etc.
Therefore, don’t get tricked while planning to trick others and avoid downloading such programs and apps on your device. Stay safe online and let others do the same.
