LevelBlue

LevelBlue + SentinelOne: Global Partnership to Deliver AI-Powered Managed Security Operations and Incident Response. Learn More

Submit RFP Request a Demo

In part one of the SYS01 Malvertising campaign research, LevelBlue SpiderLabs looked at how threat actors have been utilizing Facebook advertising to propagate information stealing and account takeover malware.

In part two of the research, the team analyzes some of the changes that have been implemented into the malware, and some similarities to another campaign that LevelBlue has previously uncovered. As the threat actors behind the SYS01 campaign have continued to modify their malware to meet new objectives, we expect further development and changes.

Related Resources

Current: resourcesresearch-reportsfacebook-malvertising-epidemic-unraveling-a-persistent-threat-sys01-part-2
Resource: resourcesresearch-reportsan-in-depth-analysis-of-novel-karstorat-malware
Research Report

An In-Depth Analysis of Novel KarstoRAT Malware
Current: resourcesresearch-reportsfacebook-malvertising-epidemic-unraveling-a-persistent-threat-sys01-part-2
Resource: resourcesresearch-reportscyber-resilience-insights-for-ctos
Research Report

Cyber Resilience Insights for CTOs
Current: resourcesresearch-reportsfacebook-malvertising-epidemic-unraveling-a-persistent-threat-sys01-part-2
Resource: resourcesresearch-reportscyber-resilience-and-business-impact-in-us-state-and-local-government-and-higher-education
Research Report

Cyber Resilience and Business Impact in US State and Local Government & Higher Education

Stay Informed

Sign up to receive the latest security news and trends straight to your inbox from LevelBlue.
© Copyright 2026