The ongoing Meta malvertising campaign, active for over a month, employs an evolving strategy to distribute the SYS01 InfoStealer through ElectronJs applications disguised as legitimate software like video editors, productivity tools, and streaming services.  The campaign leverages nearly a hundred malicious domains for distribution and C2 operations, targeting a global audience, especially males aged 45 and above.  Threat actors continuously update the malware with enhanced obfuscation techniques to evade detection, making it a persistent and sophisticated threat. Impersonating as Netflix Cybercriminals have launched a widespread ad campaign targeting senior men, impersonating various popular software and services by distributing infostealers disguised as legitimate downloads for productivity tools, video editors, VPNs, streaming platforms, messaging apps, and even video games.  By leveraging many impersonated entities and extensive ad distribution, the attackers aim to reach millions of potential victims, increasing the likelihood of successful infections.

Source: GBHackers