Malware analysts at SentinelOne have identified a Python-based hacking tool that cybercriminals have discovered and are utilizing to compromise cloud platforms and payment services.
The program, known as FBot, can be used to enable attacks against PayPal and other SaaS accounts, as well as to harvest credentials for spamming and AWS account hijacking. Documentation from the company’s SentinelLabs research unit claims that FBot has a smaller footprint than comparable tools, suggesting that it may be the result of private development and a more focused strategy for distribution.
Researchers found that while the tool’s primary purpose is to allow actors to take over cloud, SaaS, and web services, obtaining accounts in order to launch spamming attacks is a secondary focus.
Read More: Researchers Flag FBot Hacking Tool Hijacking Cloud, Payment Services
