Hackers have devised a clever new way to trick unsuspecting Facebook users into downloading malware onto their computers.

While just getting Facebook hacked is malicious enough, a new campaign discovered by Bitdefender uses compromised Facebook Business accounts to distribute the NodeStealer malware. [Like other information-stealing malware, NodeStealer targets Windows PCs and aims to steal browser cookies and stored usernames and passwords.

According to a blog post by Meta's engineering team, previous NodeStealer campaigns used malicious documentation to distribute this dangerous malware. This time, however, hackers are using malicious advertisements.

Here is everything you need to know about this latest NodeStealer campaign and why you should think twice before clicking on any ad you see online.

While investigating this new NodeStealer campaign, Bitdefender discovered that the hackers behind it have figured out an interesting way to get potential victims to click on malicious ads.

In a blog post detailing the findings, the company's security researcher explained that NSFW ads are the main lure used in this campaign. These ads are for Facebook pages featuring scantily clad women, as male users are the target audience.

Bitdefender has discovered a number of fake Facebook profiles using "Album Girl News Update," "Private Album Update," "Hot Album Update Today," or other similar names. These profiles feature one or two censored photos of a young woman's face or NSFW outfit.

Once these fake profiles were set up, hackers then began advertising on Facebook, promoting the content with short descriptions such as "new stuff is online today" or "see it now before it's taken down" to instill a sense of urgency and encourage unsuspecting to get unsuspecting users to click on it.

When potential victims click on these ads, instead of gaining access to an album full of NSFW photos, they download a Windows executable. Most people know the dangers of running ".exe" files downloaded from untrusted online sources, but many do not.

The executable installs the NodeStealer malware on the computer instead of the NSFW photo album, stealing passwords and cookies stored on the device.

Particularly in this campaign, victims should have been aware of the dangers of downloading NSFW photos from dubious Facebook profiles they saw in ads. However, there are many other similar campaigns that use malicious advertisements for legitimate products to infect unsuspecting users with malware.

For this reason, one should always be careful when clicking on ads online. Malicious ads are now appearing on Google search as well as Facebook. Instead, if you see an ad on a social network or even in a search engine for a deal on a product you are interested in, it is better to go to the retailer's web page yourself and search manually.

At the same time, to protect yourself from malware, you want to use the best antivirus software on your PC, the best Mac antivirus software on your Mac, and the best Android antivirus app on your Android smartphone. Similarly, if you are really worried about hackers, it may be worth investing in one of the best identity theft protection services, as they can help you deal with fraud and get your identity back if it is stolen online.

With Black Friday just around the corner, there is no doubt that hackers are trying to take advantage of all the extra year-end shopping with even more malicious ads. Therefore, you may want to get help finding deals from Tom's Guide and other reputable news sites.