Cybercriminals are using the Coronavirus pandemic to distribute malware and steal user login credentials.
Attackers are using malware disguised as a “Coronavirus map” to infect users and take complete control of their systems.
Security researchers from Reason Labs observed a new campaign that uses the information-stealing AZORult malware, dubbed “Coronavirus map.”
AZORult is known for its information-stealing capabilities. It was first observed in 2016, and it also acts as a downloader.
Once executed on the victim’s machine, the malware exfiltrates sensitive data. It generates a unique ID for every system it infects.
It steals user names, passwords, credit card numbers, history, cookies and other sensitive information stored in the browser.
As the Coronavirus spreads rapidly, attackers have started using its popularity to infect victims.
Once installed on the system, the malware presents a GUI that makes everyone believe it is an original map. When opened, it shows a GUI window that loads information from the web.
“The malware uses a few layers of packing as well as a multi-sub-process technique to make research more difficult,” reads the blog post.
The malware steals passwords from the installed browsers and creates a list called “PasswordList.txt”, which stores all the password information.
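The “PasswordList.txt” artifact described above gives defenders a concrete file-creation event to hunt for. The following is an added example, not code from Reason Labs or the original article; it assumes Sysmon Event ID 11 (FileCreate) records exported as JSON lines, and the sample events, the `sample_app.exe` name and the user-writable-path heuristic are constructed for illustration.

```python
import json
import ntpath

# Artifact name taken from the article; everything else below is an assumption.
ARTIFACT = "passwordlist.txt"
# Assumed heuristic: user-writable locations a dropped executable often runs from.
USER_WRITABLE = ("\\appdata\\", "\\temp\\", "\\downloads\\")

# Constructed sample events shaped like Sysmon Event ID 11 (FileCreate) as JSON lines.
SAMPLE_EVENTS = r'''
{"EventID": 11, "ProcessGuid": "{a1}", "Image": "C:\\Program Files\\Google\\Chrome\\Application\\chrome.exe", "TargetFilename": "C:\\Users\\bob\\AppData\\Local\\Google\\Chrome\\User Data\\Default\\Login Data-journal"}
{"EventID": 11, "ProcessGuid": "{b2}", "Image": "C:\\Users\\bob\\Downloads\\sample_app.exe", "TargetFilename": "C:\\Users\\bob\\AppData\\Local\\Temp\\x\\PasswordList.txt"}
{"EventID": 11, "ProcessGuid": "{b2}", "Image": "C:\\Users\\bob\\Downloads\\sample_app.exe", "TargetFilename": "C:\\Users\\bob\\AppData\\Local\\Temp\\x\\PASSWORDLIST.TXT"}
{"EventID": 1, "ProcessGuid": "{c3}", "Image": "C:\\Windows\\System32\\notepad.exe"}
not-json garbage line
{"EventID": 11, "ProcessGuid": "{d4}", "Image": "C:\\Tools\\notes.exe", "TargetFilename": "D:\\docs\\PasswordList.txt.bak"}
'''


def find_artifact_writers(lines):
    """Return one finding per process that created a file named PasswordList.txt."""
    findings = {}
    for line in lines.splitlines():
        try:
            ev = json.loads(line)
        except ValueError:
            continue  # skip blank or malformed lines
        if not isinstance(ev, dict) or ev.get("EventID") != 11:
            continue  # only file-creation events are relevant
        target = ev.get("TargetFilename", "")
        # ntpath handles Windows separators regardless of the analyst's OS.
        if ntpath.basename(target).lower() != ARTIFACT:
            continue
        image = ev.get("Image", "")
        # Keep the first hit per process so repeated writes do not flood the report.
        findings.setdefault(ev.get("ProcessGuid"), {
            "image": image,
            "target": target,
            "user_writable_image": any(p in image.lower() for p in USER_WRITABLE),
        })
    return list(findings.values())


if __name__ == "__main__":
    for finding in find_artifact_writers(SAMPLE_EVENTS):
        print(finding)
```

A filename match alone is a weak signal, so treat a hit as a lead for triage of the creating process rather than a verdict.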
It is capable of stealing information from all browsers, email clients and cryptocurrency wallets. The following information is shared with the C2 server.
Users are advised not to click on executable files and to be aware of the attachments they receive.