The “Facebook Password Stealer” tool is actually a RAT as it turns out to be.

Almost every newbie hacker has this passion of hacking other people’s Facebook account. While some people actually understand the amount of effort and knowledge required for successfully “hacking” something, most people think there exists a “software” which does the task by clicking on that “hack” button.

Hackers are known to be smart and above all adaptive to changes. A bunch of cybercriminals were able to “sniff” this fantasy and they found a carrier for their malware. The result was a tool claiming to be a Facebook password stealer which claimed to give you the password of any account just by entering account URL or email id used on Facebook.
Have a look at the UI:

Facebook

You can see there is a catch! you have to enter the credentials of your Facebook account on the first hand. But this is not it, according to a team of security researchers going by twitter handle of @malwarehunterteam, this program actually installs backdoors on your computer which escalate privilege as soon you permit the app to run in administrator mode and then open a reverse connection to its origin. Once infected, these things can be done on your system:

1. Remotely gain access into the victim’s desktop or active window

2. See the victim’s IP, full computer name, full username, OS, install date, and country

3. Remotely execute a file from disk or URL

4. Manipulate files

5. Open a remote shell, allowing the attacker to use the command line

6. Open a process manager to kill processes

7. Manipulate the system registry

8. Record the computer’s camera and microphone

9. Log keystrokes

10. Steal passwords stored in browsers or other applications.

Therefore, it is highly advisable to stay away from such tools which claim to “hack” something effortlessly.

This is the original tweet by the @malwarehunterteam.

Image Credits: MalwareHunterTeam.

Share.

About Author

You may also like



9 Comments

  1. By the way, I had a Google Account and even strong passwords were not saved. In my passwords are formed using the generator of complex characters and the power of protection there is exceptional. But perhaps protection is hacked at the network level, because browsers are little use, only special mail clients who also have exclusive protection. I wrote about it at Google, they answered and thanked for the warning. I turned to Facebook but there is no answer and probably will not. Facebook does not even save such a story and even complex passwords, although I know very well about security systems. I do not trust social networks because they are read by everyone not lazy, and 95% of criminal formations live in social networks. This is according to statistics!

Leave A Reply