Rewterz Threat Alert – Fabookie: A Stealthy InfoStealer Threat Targeting Social Media Accounts – Active IOCs

Severity

High

Analysis Summary

Fabookie is a trojan specifically designed to target Facebook accounts and steal sensitive information. This malicious threat operates by infecting computers and secretly harvesting valuable data without the user’s knowledge. One of the alarming aspects of infostealers like Fabookie is their ability to remain undetected for an extended period, making it difficult to detect their presence until it’s too late.

Once Fabookie infiltrates a computer system, it begins its malicious activities by silently collecting sensitive details from the infected device. Its primary focus is on stealing Facebook account information, including usernames, passwords, and other credentials associated with the social media platform. This stolen data can then be used by cybercriminals for various illicit purposes, such as unauthorized access to Facebook accounts, identity theft, or even selling the compromised accounts on underground markets.

The stealthy nature of infostealers like Fabookie makes it challenging for users to realize that their computer has been compromised. The trojan often operates discreetly in the background, evading detection by security software and remaining hidden from the user’s view. As a result, users may only become aware of the attack when they notice suspicious activity on their Facebook accounts or experience unauthorized access.

To protect against Fabookie and similar trojans, it is crucial to maintain a proactive and multi-layered approach to cybersecurity. This includes regularly updating antivirus software and operating systems, using strong and unique passwords for online accounts, enabling two-factor authentication for added security, and being cautious when interacting with unfamiliar links or downloading files from untrusted sources.

By remaining vigilant and implementing robust security measures, users can significantly reduce the chances of falling victim to Fabookie and protect their Facebook accounts and sensitive information from unauthorized access and misuse.

Impact

• Accounts Theft
• Sensitive Information Theft
• Credential Theft

Indicators of Compromise

MD5

• 91ce729e4957d206ead79577e0998b3c
• b179677472dff8646a2e2e4268854cbe
• d31807872470b150dfe561894122d9a1
• 01c62b88f36b6b1e02c803e04cbc75c6
• 1fe7c04254d70692eda2745829bae81f
• d188ead23acae9b6706447d51113cf73

SHA-256

• c80c6cfe6aa7cf172a5c2ba370d82339357112495ad79e70c2f9bca05bda0e33
• e3815234522ee1f479c736d60bc4459b34b64b77bb1f5e13938d8541675fad99
• 99839e1fa6c619ee000e97683cfc120c6bf8d8c5dd538e714a0377923d4536e2
• e5903742cad2793cbff490b24b0d56f929efefcc9639da45985ce5524c5513a7
• 0fd3c496e9732329a5c7959ef40d78e6ce4ed1b3d5d573812f70459505140a50
• 6339b9fc46aa632f3054259b9a47127e433479f36fe52dff78a554505ca817ef

SHA-1

• b2fe142602806b4b5002269424ef5b6388011ca2
• 5d0ee1fbaf07835f1cc26bef5183c44dcc5e737a
• 50086fbcaf7135ca105bf3f7b9c0cfdf2065c91a
• 531cc382c116ae8925e8896d4bf18ee40218f429
• 9582a646da2322de5a89297e970719c1476e43a0
• 81e7c3c19a271fd06288c18919e18f6e92ac277e

Remediation

• Block all threat indicators at your respective controls. Search for Indicators of compromise (IOCs) in your environment utilizing your respective security controls
• Enable two-factor authentication (2FA) on your accounts adds an extra layer of security and can help prevent unauthorized access even if your login credentials have been stolen.
• Regularly backing up your important data can help ensure that you don’t lose any critical information in the event of a malware infection or other data loss event.
• Be wary of emails, attachments, and links from unknown sources. Also, avoid downloading software from untrusted sources or clicking on suspicious ads or pop-ups.
• Make sure all of your software, including your operating system and applications, are up-to-date with the latest security patches. This can help prevent vulnerabilities that could be exploited by info-stealers and other types of malware.
• Promptly apply security patches and updates for operating systems, software applications, and browsers. This helps to address vulnerabilities that threat actors may exploit to deliver malware.
• Utilize web filtering solutions and URL reputation services to block access to known malicious websites and prevent users from visiting potentially dangerous links, such as those used in Fabookie infostealer campaigns.
• Maintain regular backups of critical data, including Facebook Business account information, and ensure they are stored securely offline. This enables quick recovery in case of a successful attack or data loss.