Internet security blog Security Affairs reports the new Python-based information-stealing malware dubbed "Snake" has been distributed through malicious messages on Facebook Messenger since August 2023.
Attacks commence with the delivery of direct messages on Messenger that lure recipients into downloading compressed RAR or ZIP files that contain a batch script, which triggers the infection chain and the eventual deployment of the Snake infostealer, according to a Cybereason report.
Aside from scouring sensitive data from several web browsers, including Google Chrome, Mozilla Firefox, Microsoft Edge, Brave (an open-source browser based on the Chromium web browser), and Coc Coc Browser (a Vietnamese-language browser), the Snake infostealer has also been gathering Facebook-specific cookie details.
Observers theorize that the theft of these cookies is for later use in attempts to hijack the victim's Facebook account to further spread the infection. "Novel Snake infostealer distributed through Facebook Messenger" scmagazine.com (Mar. 08, 2024)
Commentary
All hardware - computers, tablets, phones, routers, and even smart home appliances such as webcams, washing machines, or thermostats - use software to operate. When software operates properly, hardware operates properly.
Malware, on the other hand, makes devices act differently.
According to the FTC, other signs a device is infected with malware include:
- suddenly slows down, crashes, or displays repeated error messages
- won't shut down or restart
- won't let you remove software
- serves up lots of pop-ups, inappropriate ads, or ads that interfere with page content
- shows ads in places you typically wouldn't see them, like government websites
- shows new and unexpected toolbars or icons in your browser or on your desktop
- uses a new default search engine, or displays new tabs or websites you didn't open
- keeps changing your computer's internet home page
- sends emails you didn't write
- runs out of battery life more quickly than it should