A new malware called Ov3r_Stealer was found to be intended for stealing cryptocurrency wallets and passwords and then sending them to a Telegram channel that the threat actor maintains. Identified early in December, the malware was spread via a Facebook advertisement for an account manager position. The user was directed via weaponized links to a malicious Discord content delivery URL, which triggered the attack’s execution phase.
Source: GBHackers