
Criminals using social media to gain access to critical infrastructure and government agencies

THE LEARNING HUB


Social media users beware!

When a criminal wants information or access to an organisation but cannot infiltrate the employees’ or the organisation’s systems directly, they will find another way in. There is a criminal campaign targeting governments, critical infrastructure organisations, manufacturers and defence industry players via their employees’ personal social media accounts.

Malware nicknamed Sys01Stealer is being distributed via social media posts and comments, such as those on YouTube, Facebook, Instagram and Twitter, as well as via Google adverts and social media direct messages. It has been active since at least November 2022 and is still very much in use.

Sys01Stealer-infected adverts, comments, posts and messages are targeted at specific individuals whom the criminals have identified, using open source intelligence (OSINT), as being attached to, or associated with, their targets.

Once on an employee’s computer, the malware exfiltrates information such as credentials, browser cookies and any sensitive information associated with the person that will help the criminals gain access to the agency they are targeting.

www.linkedin.com/in/amandajane1 www.demystifycyber.com.au

To stay safe from this campaign:

• Be cautious about what you share online about your place of work, role, security clearances and associates.

• Do not respond to unsolicited messages or comments from people you do not know.

• Double-check any direct message that appears to be from a friend to make sure they sent it.

• Do not click links or download applications from social media posts.

• Use a reputable, up-to-date anti-virus solution where appropriate.

• Stay vigilant.
