February 8, 2024 at 11:40AM “Ov3r_Stealer” is a novel malware targeting Facebook users through job ads. It steals various data types including geolocation, passwords, and credit card information. The malware uses multiple execution methods and its origin involves complex communication channels and pseudonyms. As a modular tool, it can facilitate other malware and pose a … Read more
February 7, 2024 at 04:29PM Ov3r_Stealer, a new password-stealing malware, spreads through fake job ads on Facebook, leading victims to a Discord URL where a PowerShell script downloads the malware payload. It employs various techniques like malicious file execution, HTML smuggling, and DLL sideloading to establish persistence and steal data every 90 minutes, sending it … Read more
February 6, 2024 at 10:10AM Threat actors are using fake Facebook job ads to distribute a new Windows-based stealer malware, Ov3r_Stealer, designed to steal credentials and crypto wallets. The campaign’s end goal remains unknown, but the stolen information may be sold to other threat actors or used to distribute additional payloads, including ransomware. This tactic … Read more