Your Facebook, Twitter and Instagram accounts in danger with this malware

Anyone who has a minimum of experience on the Internet knows that we must be very careful with where we access and what we execute . The network is full of fraudulent downloads that can destroy our lives if we are not careful. The latest threat to appear is malware that will hijack your social media accounts.

FFDroider malware is the new threat of Internet users. This is an information stealer that can hijack your Instagram, Facebook or Twitter accounts to save your cookies and infest your device with fraudulent advertising.

Instagram accounts in danger with this malware

How does FFDroider work?

This malicious program spreads by downloading programs or Torrent files, among others. Once you install a program that contains it, FFDroider will also be installed. To avoid detection and go unnoticed by the naked eye, it will take the Telegram desktop icon . So, if you are reading these lines, make sure that Telegram icon is really Telegram.

teclado malware

Once inside your PC, it will create a Windows registry key titled “FFDroider”, which gives the order to connect to “dowload.studymathlive.com”. Later, it will modify the stored cookies of your browser through applications, such as InternetGetCookieRxW. Finally, it steals the username and password of the social network accounts accessible on the infected computer and propagates them to a C2 server “http[:]//152[.]32[.]228[.]19/seemorebty.”

Why do you focus on social networks?

The peculiarity of this malware is that it does not focus on the files on your computer, nor on the passwords of websites, such as banks or shopping portals. Their goal is your social networks. It is interested, for example, in accessing your Twitter account to spread and use fraudulent advertising.

malware facebook

If you finally get the password for our Facebook, you will have access not only to our data, but also to our list of friends, phone numbers of our contacts, etc. For this reason, the threat is double, since it can publish content on our profile, and, in addition, contact our acquaintances to infect them more easily.

What to do if our computer is infected?

“Virus” is the general way of referring to non-consensual software that can commit actions on a device without our consent. These usually cause secondary effects on the computer, from the continuous appearance of pop-ads to slowing down the computer. There are several types, because a simple Trojan is not the same as the FFDroider.

If you suspect that your computer is infected, take precautions. The first thing is not to access sensitive pages , in this case Facebook or Instagram, but don’t even think about your bank’s page. Another point is not to run programs because their files can be infected. As for the easiest solution against the virus, it is to try to eliminate it directly, although if you are not skilled with PCs, it may be worth having the help of a professional. If the computer is unsalvageable, run the backup.