"Facebook Warns of a New Information-Stealing Malware Dubbed NodeStealer"

NodeStealer is a new malware that steals information and is distributed on Meta. It can steal browser cookies to hijack accounts on multiple platforms, including Facebook, Gmail, and Outlook. The malware was first discovered targeting Windows browsers in late January 2023. It is capable of targeting multiple web browsers, including Chrome, Edge, Brave, and Opera. NodeStealer is a custom JavaScript malware that bundles the Node.js environment, according to the researchers. The author uses Node.js to enable the execution of malware on multiple operating systems. The infostealer is suspected to be the work of threat actors in Vietnam. Meta, the parent company of Facebook, took action to thwart the malware campaign and help victims with account recovery. The malware is disguised as PDF and XLSX files, and their filenames were selected to lure victims into opening them, thereby initiating the infection process. This article continues to discuss the new information-stealing malware NodeStealer being distributed on Meta.

Security Affairs reports "Facebook Warns of a New Information-Stealing Malware Dubbed NodeStealer"