JamzNG Latest News, Gist, Entertainment in Nigeria
Kaspersky’s global research and analysis team has found a new dangerous campaign to use thieves – types of malware designed to steal passwords and other account information on Facebook.
Infostealer Stealc V2 is being distributed via Facebook message and was first observed in August by the Kaspersky team.
More than 400 incidents have been identified to date, targeting users in various countries, including confirmed cases in Kenya, Angola, Ethiopia, Niger, Uganda, and Zambia.
As part of this attack, Facebook users receive a message containing a link that is disguised as a notification that their account has been blocked.
Clicking the link to open a false support page that claims that the user account has been blocked because of suspicious activity.
Also read: Sanctions for Airlines When NCAA Moves to Uphold Passenger Rights
To “recover access,” users are asked to use the “Appeal” button, which starts the download of the evil script that installs Stealc V2, the dangerous malware offered under the Malware-A-A-Service model, on the victim’s device.
The malware itself steals a password, cookie, and screenshot, as well as cryptocurrency wallet data.
“Cyber criminals often exploit the fear of users will lose account access and a sense of urgency that is felt. This pressure can cause individuals to act carelessly, increase the risk of infection by malware such as stealing V2. Users must remain vigilant and always verify the authenticity of messages before clicking on a global link.
Stealc V2, was first observed in 2025, significantly improved malware capabilities and increased risk for individual and company users. The original stealc, which appeared in 2023 on the dark web platform, quickly became a tool sought between cyber criminals thanks to accessibility, ability, and ease of access.
To be protected from phishing, Kaspersky recommends that corporate users and individuals who are careful when clicking on links, looking for urgency or threats, be careful of e -mail that demands immediate action, such as changing passwords or providing personal information, verifying messages, calls, or not requested links, even if they appear valid, and never share 2FA.
