{"id":221095,"date":"2023-11-02T14:40:20","date_gmt":"2023-11-02T14:40:20","guid":{"rendered":"https:\/\/bm.dev.synology.me\/?p=221095"},"modified":"2023-11-02T14:40:20","modified_gmt":"2023-11-02T14:40:20","slug":"o-noua-metoda-de-frauda-pe-internet-bitdefender-exista-cel-putin-zece-conturi-de-facebook-compromise-apartinand-unor-companii-care-continua-sa-distribuie-publicului-reclame-periculoase","status":"publish","type":"post","link":"https:\/\/bm.dev.synology.me\/?p=221095","title":{"rendered":"O nou\u0103 metod\u0103 de fraud\u0103 pe internet. Bitdefender: Exist\u0103 cel pu\u0163in zece conturi de Facebook compromise apar\u0163in\u00e2nd unor companii, care continu\u0103 s\u0103 distribuie publicului reclame periculoase"},"content":{"rendered":"

\nHackerii controleaz\u0103 paginile de Facebook ale unor companii \u015fi folosesc bugetele de publicitate pentru a afi\u015fa reclame provocatoare care vizeaz\u0103 mai ales b\u0103rba\u0163i, cu scopul de a p\u0103c\u0103li victimele s\u0103 acceseze aceste reclame \u015fi, ulterior, s\u0103 \u00ee\u015fi piard\u0103 conturile \u015fi datele personale, au transmis reprezentan\u0163ii Bitdefender printr-un comunicat. Practic, speciali\u015ftii \u00een securitate informatic\u0103 de la Bitdefender au descoperit c\u0103 infractorii cibernetici au ad\u0103ugat noi func\u0163ii care le permit s\u0103 ob\u0163in\u0103 acces fraudulos pe platforme suplimentare (Gmail \u015fi Outlook) pentru a fura portofele cripto \u015fi a instala amenin\u0163\u0103ri informatice.<\/p>\n

\n\u201eNodeStealer este o amenin\u0163are informatic\u0103 relativ nou\u0103, descoperit\u0103 de echipa de securitate din cadrul Meta \u00een ianuarie 2023, care permite atacatorilor s\u0103 fure cookie-uri din browser \u015fi s\u0103 preia controlul asupra conturilor Facebook Business, f\u0103r\u0103 a fi necesare alte interac\u0163iuni cu victima, ocolind chiar \u015fi mecanismele de securitate, precum autentificarea \u00een doi pa\u015fi\u201d, au explicat reprezentan\u0163ii Bitdefender.<\/p>\n

\nPractic, pentru a ob\u0163ine acces la conturile utilizatorilor, infractorii cibernetici folosesc bugetele alocate reclamelor pe conturile de Facebook Business deja compromise \u015fi distribuie reclame c\u0103tre publicul-\u0163int\u0103 selectat.<\/p>\n

\n\u201eAtacatorii creeaz\u0103 o pagin\u0103 de Facebook sub numele \u201eActualizare album\u201d unde adaug\u0103 fotografii cu femei tinere \u00een ipostaze provocatoare \u015fi folosesc descrieri scurte pentru a-i atrage pe utilizatori s\u0103 descarce arhiva media: \u201eViziona\u0163i acum \u00eenainte de a fi \u015fterse\u201d. Albumele redirec\u0163ioneaz\u0103 utilizatorii c\u0103tre Bitbucket sau Gitlab care stocheaz\u0103 o arhiv\u0103 ce con\u0163ine un executabil Windows prin care sunt instalate versiuni mai noi ale amenin\u0163\u0103ri NodeStealer pe dispozitivele utilizatorilor. Odat\u0103 ce infractorii cibernetici ob\u0163in acces la cookie-urile utilizatorilor folosind func\u0163iile de baz\u0103 ale NodeStealer, ei preiau conturile de Facebook \u015fi acceseaz\u0103 informa\u0163ii sensibile.\u201d<\/p>\n

\nAstfel, pentru a se proteja \u00eempotriva atacurilor lansate prin linkuri de phishing, fi\u015fiere ata\u015fate sau reclame, utilizatorii pot s\u0103 instaleze \u015fi s\u0103 \u00ee\u015fi men\u0163in\u0103 actualizat\u0103 o solu\u0163ie de securitate informatic\u0103.<\/p>\n

\n\u201eR\u0103m\u00e2ne\u0163i mereu vigilen\u0163i \u00een interac\u0163iunile online \u015fi fi\u0163i precau\u0163i atunci c\u00e2nd primi\u0163i linkuri nesolicitate asociate cu anun\u0163uri alarmante care v\u0103 solicit\u0103 s\u0103 desc\u0103rca\u0163i urgent fi\u015fiere. Evita\u0163i reclamele care \u00eendeamn\u0103 la desc\u0103rcarea albumelor foto din Bitbucket, Gitlab sau Dropbox.\u201d<\/p>\n

\nPrincipalele descoperiri ale cercet\u0103rii efectuate \u00een octombrie 2023 de speciali\u015ftii Bitdefender<\/strong><\/p>\n

\n\u2022 Reclamele distribuie o versiune mai nou\u0103 a amenin\u0163\u0103rii informatice NodeStealer.<\/p>\n

\n\u2022 Speciali\u015ftii Bitdefender au descoperit c\u0103 exist\u0103 cel pu\u0163in zece conturi de Facebook compromise apar\u0163in\u00e2nd unor companii, care continu\u0103 s\u0103 distribuie publicului reclame periculoase.<\/p>\n

\n\u2022 Mai multe itera\u0163ii ale aceluia\u015fi anun\u0163 au fost folosite \u00een aproximativ 140 de campanii publicitare periculoase.<\/p>\n

\n\u2022 Atacatorii au folosit simultan cel mult cinci reclame active pe care le-au alternat constant pentru a \u00eencerca s\u0103 evite raport\u0103rile utilizatorilor.<\/p>\n

\n\u2022 Reclamele au afi\u015fat fotografii cu femei tinere \u00een ipostaze provocatoare ca s\u0103 atrag\u0103 victimele s\u0103 descarce amenin\u0163\u0103ri informatice.<\/p>\n

\n\u2022 Amenin\u0163area este distribuit\u0103 prin fi\u015fiere executabile Windows disimulate \u00een albume foto.<\/p>\n

\n\u2022 Circa 100.000 de poten\u0163iale desc\u0103rc\u0103ri sunt estimate de c\u0103tre cercet\u0103torii BItdefender, un singur anun\u0163 av\u00e2nd p\u00e2n\u0103 la 15.000 de acces\u0103ri \u00een doar 24 de ore.<\/p>\n

\n\u2022 Cel mai vizat segment \u00eel reprezint\u0103 b\u0103rba\u0163ii de peste 45 de ani.  <\/p>\n

\n <\/p>\n","protected":false},"excerpt":{"rendered":"

Hackerii controleaz\u0103 paginile de Facebook ale unor companii \u015fi folosesc bugetele de publicitate pentru a afi\u015fa reclame provocatoare care vizeaz\u0103 mai ales b\u0103rba\u0163i, cu scopul de a p\u0103c\u0103li victimele s\u0103 acceseze aceste reclame \u015fi, ulterior, s\u0103 \u00ee\u015fi piard\u0103 conturile \u015fi datele personale, au transmis reprezentan\u0163ii Bitdefender printr-un comunicat. Practic, speciali\u015ftii \u00een securitate informatic\u0103 de la […]<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[510],"tags":[15977,8039,15499,219],"class_list":["post-221095","post","type-post","status-publish","format-standard","hentry","category-actualitate","tag-amenintari","tag-bitdefender","tag-reclamatie","tag-securitate"],"_links":{"self":[{"href":"https:\/\/bm.dev.synology.me\/index.php?rest_route=\/wp\/v2\/posts\/221095","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/bm.dev.synology.me\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/bm.dev.synology.me\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/bm.dev.synology.me\/index.php?rest_route=\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/bm.dev.synology.me\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=221095"}],"version-history":[{"count":0,"href":"https:\/\/bm.dev.synology.me\/index.php?rest_route=\/wp\/v2\/posts\/221095\/revisions"}],"wp:attachment":[{"href":"https:\/\/bm.dev.synology.me\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=221095"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/bm.dev.synology.me\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=221095"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/bm.dev.synology.me\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=221095"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}