Attackers leveraged pernicious ads to lure targets into downloading ZIP packages with the malicious Electron app in the guise of legitimate software, which downloads the SYS01 infostealer that primarily compromises Facebook credentials while displaying the advertised software to conceal compromise.
Article Link: New Facebook-targeted malvertising deploys SYS01 infostealer | SC Media