Despite operating only for a few months, Facebook said the group managed to defraud infected users of more than $4 million, which they used to post malicious Facebook ads across the social network.
Cyber criminals are on the prowl and experts are saying that the Philippines is among the many countries they are targetting.
THE Philippines is among 10 countries that had been victimized by malware used by SilentFade, the gang responsible for $4 million fraud on Facebook in 2019.
Just last January alone, experts from global cyber security company, Kaspersky, recorded, analyzed and found similarities to the malwares detected as being used in India, Brazil, Indonesia, Italy, Germany, Algeria, Malaysia, Russia, France and Egypt— which had the most number of incidents for January.
SilentFace is now in Southeast Asia, where only last year it had not been operating yet.
In 2020, Kaspersky telemetry did not detect SilentFade’s presence in Southeast Asia.
A different landscape was monitored back in January when the region witnessed a rapid spread of this malware with a total of 576 incidents.
Aside from 221 and 137 detections in Indonesia and Malaysia, the Philippines logged 96 cases, Vietnam with 71, Thailand with 27, and Singapore with 24.
“Our monitoring showed the SilentFade campaign never stopped. They are just doing what they did and now we are facing the growth of their activity. Their ideas and methods remain the same with some changes,” says Anton Kuzmenko, security expert at Kaspersky.
“Now they also spread downloader, which can spread and download other, more dangerous, malware. Detected files are just like the older versions detected which our industry peers have found links with an alleged Chinese company,” he added.
“In terms of distribution, there is a possibility that someone has sold the malware source codes, the gang itself is selling the rootkits, or the codes may have been leaked,” Kuzmenko also said.
The SilentFade gang, a campaign which started in 2016, utilized a combination of a Windows Trojan, browser injections, clever scripting, and a bug in the Facebook platform.
They have a sophisticated modus operandi rarely seen with malware gangs targeting the social media company. The name of the group is a shorter term for “Silently running Facebook Ads with Exploits”
The purpose of SilentFade's operations was to infect users with the Trojan, hijack the users' browsers, and steal passwords and browser cookies so they could access Facebook accounts.
Despite operating only for a few months, Facebook said the group managed to defraud infected users of more than $4 million, which they used to post malicious Facebook ads across the social network.
Kaspersky experts suggest the following steps to keep your accounts safe from SilentFade malware:
1.Secure your computer, your mobile devices, and your data. Install a rigorous anti-malware solution on your computer, smartphone, and tablet – to protect your devices against the latest computer viruses, worms, Trojan viruses, and other threats.
2.Get a temporary credit card. Some credit card companies will issue a temporary credit card number for their customers. These temporary numbers can be useful for one-time purchases. However, you should avoid using them for any purchases that require auto-renewal or regular payments.
3.Dedicate a “clean” computer. For added security, you could use a dedicated machine for all your online financial transactions. This should be a ‘clean’ computer that is totally free of computer viruses and any other infections. In order to help keep it clean, the machine should not be used for any casual web browsing, social networking or email.
4.Manage and protect your online passwords. Using a password manager can help you to deal with multiple accounts and passwords — and to encrypt passwords that would otherwise be in plain text. Some antivirus and Internet security software products include password management and password security features.