New FFDroider malware steals Facebook, Instagram, Twitter accounts

silversurfer

Level 85
Thread author
Verified
Honorary Member
Top Poster
Content Creator
Malware Hunter
Well-known
Aug 17, 2014
10,057
A new information stealer named FFDroider has emerged, stealing credentials and cookies stored in browsers to hijack victims' social media accounts.

Researchers at Zscaler have been tracking the new info-stealer and its spread and published a detailed technical analysis today based on recent samples.

Like many malware, FFDroider is spread through software cracks, free software, games, and other files downloaded from torrent sites.

When installing these downloads, FFDroider will also be installed, but disguised as the Telegram desktop app to evade detection.

Once launched, the malware will create a Windows registry key named "FFDroider," which led to the naming of this new malware.

The Zscaler researcher has put together an attack flow chart illustrating how the malware is installed on victims' devices.

FFDroider's infection and operational flow

FFDroider's infection and operational flow (Zscaler)
 

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

User Menu

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top