A few weeks ago, a very official-looking message started popping up in Facebook inboxes across Africa. It’s a classic phishing scam, but with a nasty twist: if you fall for it, you’re not just giving up your password—you’re inviting a piece of malware to live on your computer and steal everything it can get its hands on.
The culprit is a digital thief known as StealC v2, which cybersecurity firm Kaspersky says is being used in a fresh wave of attacks. This isn’t just about your Facebook account; this thing is built to snatch your logins, your browsing history, your screenshots, and even the keys to your crypto wallets. It’s a full-on digital home invasion.
The Scam, The Hook, and The Payday
The con is a classic fear play, perfected for the social media age.
- The Bait: You get a DM claiming your Facebook account has been locked or suspended. The message looks just official enough to make you nervous.
- The Hook: It includes a link to a fake Facebook support page. You click it, because who wants to lose their account?
- The Trap: You get to a phony “appeal” page and, thinking you’re about to fix things, you click the button. Instead, you’ve just given StealC v2 a free pass onto your device.
The malware doesn’t wait around. It immediately starts harvesting your private data and sending it back to the attackers, who are now sitting on a trove of your personal and financial information. It’s a clean and efficient operation, and according to APO Group, it’s hit hundreds of users in countries like Kenya, Angola, Uganda, and Zambia. But on the internet, borders are meaningless, so it’s only a matter of time before it spreads.
Malware-as-a-Service, a Hacker’s Best Friend
This isn’t a new scam, but this latest version is scarier. The original StealC malware has been around since 2023, but this v2 is now being sold on the black market as “Malware-as-a-Service.” That’s right, you don’t even need to be a coding genius to use it. Any would-be scammer can now rent or buy this tool, making these attacks cheaper, faster, and much more widespread.
How Not to Get Burned
Nobody wants to be a digital hermit, but a little common sense can save you a lot of grief.
- Look before you leap. Double-check the URL. A scammer’s “facebook-secure-login” is not the real “facebook.com.”
- Don’t panic. Any message that screams “ACT NOW!” is almost certainly a scam. Facebook isn’t going to suspend your account without a more formal warning.
- Keep your 2FA codes to yourself. No legitimate company will ever ask for your two-factor authentication codes in a message.
- Get a real antivirus. Free antivirus software is like a flimsy screen door on a bank vault. Get a reputable, paid security tool to actually protect yourself.
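To make the "double-check the URL" advice concrete, here is a small Python check, added as an illustration and not taken from Kaspersky or Facebook, that separates a link whose host really is facebook.com from one that only wears the name. The `check_link` function, the sample links and the `.example` domains are all constructed for this example.

```python
from urllib.parse import urlsplit

# Assumption for this example: facebook.com, the domain the article names,
# is the only registrable domain treated as genuine.
TRUSTED_DOMAIN = "facebook.com"
BRAND = TRUSTED_DOMAIN.split(".")[0]


def check_link(url: str) -> str:
    """Classify a link as 'genuine', 'lookalike' or 'other'."""
    url = url.strip()
    if "://" not in url:
        url = "//" + url  # let urlsplit find the host in a bare "host/path" link
    try:
        parts = urlsplit(url)
        # hostname is what the browser connects to: lowercased, and without
        # any "user@" prefix or ":port" suffix.
        host = (parts.hostname or "").rstrip(".")
    except ValueError:
        return "other"  # malformed link, nothing to compare
    # Genuine only if the host IS the domain or ends with ".<domain>".
    if host == TRUSTED_DOMAIN or host.endswith("." + TRUSTED_DOMAIN):
        return "genuine"
    # The brand name anywhere else in the authority part (hyphenated host,
    # left-hand subdomain label, or "user@" prefix) imitates the real site.
    if BRAND in parts.netloc.lower():
        return "lookalike"
    return "other"


# Constructed sample links; the .example domains are placeholders.
SAMPLES = [
    "https://www.facebook.com/help",
    "https://facebook-secure-login.example/appeal",
    "https://facebook.com.account-appeal.example/",
    "https://facebook.com@appeal.example/",
    "https://example.org/",
]

if __name__ == "__main__":
    for link in SAMPLES:
        print(f"{check_link(link):9}  {link}")
```

The part of the address that matters is the end of the host name, right before the first single slash; anything to the left of it, or before an "@", can say whatever the scammer likes.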
This scam is a reminder that social media isn’t just for posting vacation photos. It’s a gateway to your entire digital life. For the hackers behind StealC v2, your Facebook login is just the first step on the way to a much bigger payday. Treat it with the same caution you would your banking app. Because for them, it’s all about the money.
