SilentFade is the name of a threatening operation and piece of malware that are believed to have been plaguing Facebook users since 2016. However, the operation was first identified and analyzed in 2018, when Facebook engineers noticed an unnatural spike in the number of advertisements that matched specific criteria. After investigation, the cybersecurity team discovered that the piece of malware had been hijacking the users profiles, and then using their saved payment methods to purchase advertisements for shady online content such as fake clothes and accessories, low-quality pills and more.
A Four-Years Long Harmful Campaign Compromised Thousands of Facebook Accounts
It is believed that the SilentFade was spread via fake downloads and pirated software that was distributed online via a myriad of methods. If a user got infected by the SilentFade, they would notice any changes in their system's behavior. However, the malware would work in the background to grab the user's Facebook cookies from their Web browser. If it was unable to do this, it would grab the saved login and password for Facebook – however, this was the backup method, since this data is not sufficient to bypass two-factor authentication.
This Week In Malware Episode 26 Part 1: SilentFade Malware Steals $4 Million Dollars From Facebook via Stolen Credentials
Once a user's account had been hijacked successfully, the criminals would access it and purchase advertisements. To make their operation difficult to spot, they made sure to disable the compromised profile's notifications – this way, they would be notified about recent spending, purchased advertisements, ad campaign performance, etc. The criminals even took extra steps to bypass the ad verification methods that Facebook uses. They would initially submit a valid image link and site address whose contents were altered once the submission was verified.
An Advertising Fraud Campaign that Costs Over $4 Million
Reports about SilentFade suspect that while the malware's Facebook campaign may have been put down, the criminals behind it might be exploiting other platforms like Twitter and Amazon by adapting their strategy successfully. The SilentFade campaign is impressive certainly, considering that it caused over $4 million in damages via ad fraud over the span of four years, and it was very difficult to detect the suspicious behavior since it was coming from legitimate and active accounts. This malware is a good reminder of why you should never underestimate your online safety – any file you download from a non-trustworthy source may hide a corrupted component like SilentFade. It is recommended to use a reputable anti-malware solution at all times.