Cheap password stealing malware used in targeted attacks
Some hacking groups have now started using ready-made malware. This could possibly be a deliberate move by state-sponsored hackers to make attribution harder.
This software is sold as “malware-as-a-service”: anyone can rent the malicious code for just $29 per week or $59 per month. It offers spying capabilities on target machines, including a keylogger, password stealer, network sniffer, screenshot capture, web form data stealer and more.
According to the researchers, attackers are primarily using emails to distribute the malware as an attachment in different forms, including PDFs with malicious download links, DOC and XLS files with malicious macros, and archive files (ZIP, RAR, ACE, and ISOs) containing EXE payloads.
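The delivery forms listed above map onto simple checks a mail filter can run on each attachment. The sketch below is an added example, not code from the researchers or from any product; the function names are hypothetical, the macro and PDF-link checks are byte-level heuristics, and the sample message is constructed from inert stubs.

```python
import io, re, zipfile
from email.message import EmailMessage

ARCHIVE_EXTS = (".zip", ".rar", ".ace", ".iso")
OLE_MAGIC = bytes.fromhex("d0cf11e0a1b11ae1")      # legacy DOC/XLS container
VBA_MARKER = "_VBA_PROJECT".encode("utf-16-le")    # macro stream name (heuristic)
PDF_URI = re.compile(rb"/URI\s*\((.*?)\)")          # uncompressed link actions only

def triage_attachment(name, data):
    """Return findings for one attachment; an empty list means nothing flagged."""
    findings, lower = [], name.lower()
    if lower.endswith(".exe") or data[:2] == b"MZ":
        findings.append("executable attached directly")
    if lower.endswith(ARCHIVE_EXTS):
        if not zipfile.is_zipfile(io.BytesIO(data)):
            findings.append("archive not unpacked here; route to sandbox")
        else:
            with zipfile.ZipFile(io.BytesIO(data)) as zf:
                for info in zf.infolist():
                    if info.flag_bits & 0x1:   # encrypted member: cannot inspect
                        findings.append(f"encrypted archive member: {info.filename}")
                    elif (info.filename.lower().endswith(".exe")
                          or zf.open(info).read(2) == b"MZ"):
                        findings.append(f"archive contains executable: {info.filename}")
    if data[:8] == OLE_MAGIC and VBA_MARKER in data:
        findings.append("Office document with VBA macro project")
    if data[:5] == b"%PDF-":
        findings += ["PDF link: " + u.decode("latin-1") for u in PDF_URI.findall(data)]
    return findings

def triage_message(msg):
    """Map attachment filename -> findings, for flagged attachments only."""
    report = {}
    for part in msg.iter_attachments():
        name = part.get_filename() or "(unnamed)"
        report[name] = triage_attachment(name, part.get_payload(decode=True) or b"")
    return {n: f for n, f in report.items() if f}

def constructed_sample():
    """Constructed test message; payloads are inert stubs, not real samples."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        zf.writestr("invoice.exe", b"MZ" + b"\x00" * 62)
    msg = EmailMessage()
    msg.set_content("see attached")
    for fname, blob in [("invoice.zip", buf.getvalue()),
                        ("report.doc", OLE_MAGIC + b"\x00" * 64 + VBA_MARKER),
                        ("order.pdf", b"%PDF-1.4\n<< /S /URI /URI (http://example.invalid/doc) >>")]:
        msg.add_attachment(blob, maintype="application", subtype="octet-stream", filename=fname)
    return msg
```

Calling `triage_message(constructed_sample())` returns one finding per stub attachment. RAR, ACE and ISO files are flagged by extension only, since the standard library cannot unpack them.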
Once installed on a target system, the malware injects itself into various processes and starts capturing keystrokes and stored passwords and other sensitive data from multiple applications, including Google Chrome, Firefox, Skype, Safari, Vivaldi, Q-360, Microsoft Outlook, Mozilla Thunderbird, 3DFTP, FileZilla and WinSCP.
The attackers can even use the data successfully harvested by the malicious software for further cybercriminal activities, including identity theft, continued phishing operations, bank fraud and extortion.
The malware in question, which we have chosen not to name to prevent further spread of the software, is neither sophisticated nor difficult to detect. So the best way to protect yourself from this malware is to keep good, paid-for antivirus software on your systems and always keep it up to date.