An upgraded version of the malware with many dangerous features.
Speaking with a reporter from Dai Doan Ket Newspaper, cybersecurity expert Nguyen Hung, co-founder of the Anti-Fraud project (chongluadao.vn), said that recently, cybersecurity experts have discovered a new variant of the Python NodeStealer malware, capable of stealing credit card information from Facebook Business and Facebook Ads Manager accounts.
Notably, experts believe this malware was developed by a group of hackers in Vietnam. Their goal is to hijack verified Facebook accounts to carry out malicious advertising campaigns.
Previously, the Python NodeStealer malware primarily targeted Facebook Business accounts to steal login credentials.
However, the new version of this malware has been upgraded with more dangerous features, allowing it to attack both Facebook Ads Manager accounts and steal credit card data stored in the browser.
This malware targets Facebook Ads Manager accounts, collecting information about advertising budgets and gaining control of the account to carry out malicious advertising campaigns.
"This malware operates by using the Python programming language and exploiting Windows Restart Manager to unlock browser database files, thereby extracting credit card data and login information."
NodeStealer is typically spread through malicious links, email attachments, or fake software. When users download and open the file, the malware is installed and begins collecting information," the analyst explained.
Recommendation for Facebook users
Cybersecurity expert Nguyen Hung advises Facebook users to be wary of links and attachments, and to avoid clicking on links or downloading files from unknown or untrusted sources.
In addition, Facebook users need to update their software regularly; ensuring that the operating system, browser, and security software are always updated to the latest versions to patch security vulnerabilities.
Additionally, Facebook users can also use security software; installing and maintaining antivirus and firewall software to detect and prevent malware.
Users need to enable two-factor authentication (2FA): Turn on 2FA for important accounts such as Facebook and email to enhance security.
"Users should check and manage their Facebook access permissions; regularly check the devices and applications that have access to their account, revoke access if any abnormalities are detected; use a password manager and do not save passwords and cookies in the browser to protect your personal Facebook account," cybersecurity expert Nguyen Hung advises.
Source: https://daidoanket.vn/chuyen-gia-canh-bao-ma-doc-moi-danh-cap-thong-tin-the-tin-dung-tu-tai-khoan-facebook-10295297.html
![[Photo] Prime Minister Pham Minh Chinh receives Lao Minister of Education and Sports Thongsalith Mangnormek](/_next/image?url=https%3A%2F%2Fvphoto.vietnam.vn%2Fthumb%2F1200x675%2Fvietnam%2Fresource%2FIMAGE%2F2025%2F12%2F16%2F1765876834721_dsc-7519-jpg.webp&w=3840&q=75)
![[Photo] Prime Minister Pham Minh Chinh receives the Governor of Tochigi Province (Japan)](/_next/image?url=https%3A%2F%2Fvphoto.vietnam.vn%2Fthumb%2F1200x675%2Fvietnam%2Fresource%2FIMAGE%2F2025%2F12%2F16%2F1765892133176_dsc-8082-6425-jpg.webp&w=3840&q=75)
![[Live] 2025 Community Action Awards Gala](/_next/image?url=https%3A%2F%2Fvphoto.vietnam.vn%2Fthumb%2F1200x675%2Fvietnam%2Fresource%2FIMAGE%2F2025%2F12%2F16%2F1765899631650_ndo_tr_z7334013144784-9f9fe10a6d63584c85aff40f2957c250-jpg.webp&w=3840&q=75)
![[Image] Leaked images ahead of the 2025 Community Action Awards gala.](/_next/image?url=https%3A%2F%2Fvphoto.vietnam.vn%2Fthumb%2F1200x675%2Fvietnam%2Fresource%2FIMAGE%2F2025%2F12%2F16%2F1765882828720_ndo_br_thiet-ke-chua-co-ten-45-png.webp&w=3840&q=75)
Comment (0)