
Masslogger malware targets popular apps and browsers using a file-less method


A recently discovered form of malware is targeting Windows operating systems to collect confidential information, particularly login credentials, from some of the platform’s most widely used programs and services, including NordVPN, Microsoft Outlook, Discord, and several big names in web browsing.

How does it work?

Cisco Talos security researcher Vanja Svajcer says that last month he came across a malware campaign using a variant of the existing Masslogger trojan that “exfiltrates user credentials over FTP. Similar campaigns targeting users in Europe were conducted since at least Sept 2020.”

Svajcer details in a blog post that “apart from the initial email attachment, all the stages of the attacks are fileless and they only occur in volatile memory.” This means that, once the attachment has been opened, the malware does not need any further files to be downloaded in order to start compromising your personal information.

On the plus side, the attacks are fairly easy to circumvent, since they circulate mainly via phishing emails, a method that’s often easy to detect. “Although operations of the Masslogger trojan have been previously documented, we found the new campaign notable for using the compiled HTML file format to start the infection chain,” advised the Cisco Talos researcher.

Still, it is crucial to stay vigilant regarding these matters, as compromised login details can do significant damage to organizations. “The credentials themselves have value on the dark web and actors sell them for money or use them in other attacks,” warns Svajcer.
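Since the email attachment is the only stage that exists as a file, and this campaign starts from a compiled HTML file, mail filtering is a natural place to catch it. The following Python check is an added example, not code from Cisco Talos or from this article: it flags attachments whose content begins with the compiled HTML (CHM) signature `ITSF`, even when the file name uses another extension. The function names, addresses and sample attachments are constructed for illustration.

```python
from email import message_from_bytes, policy
from email.message import EmailMessage

CHM_MAGIC = b"ITSF"  # signature at offset 0 of compiled HTML Help (.chm) files


def find_chm_attachments(raw_message: bytes):
    """Return (filename, reason) for each attachment that looks like a CHM file."""
    msg = message_from_bytes(raw_message, policy=policy.default)
    findings = []
    for part in msg.iter_attachments():
        name = part.get_filename() or "(unnamed)"
        payload = part.get_payload(decode=True) or b""  # undo base64/QP encoding
        by_magic = payload.startswith(CHM_MAGIC)
        by_name = name.lower().endswith(".chm")
        if by_magic and not by_name:
            # Content type is decided by the bytes, not by the file name.
            findings.append((name, "CHM content under a different extension"))
        elif by_magic:
            findings.append((name, "CHM attachment"))
        elif by_name:
            findings.append((name, ".chm name without CHM signature"))
    return findings


def build_sample(filename: str, content: bytes) -> bytes:
    """Build a constructed test message (not taken from the campaign)."""
    m = EmailMessage()
    m["From"] = "sender@example.com"
    m["To"] = "user@example.com"
    m["Subject"] = "Constructed sample"
    m.set_content("See attached.")
    m.add_attachment(content, maintype="application",
                     subtype="octet-stream", filename=filename)
    return m.as_bytes()


if __name__ == "__main__":
    fake_chm = CHM_MAGIC + b"\x03\x00\x00\x00" + b"\x00" * 16  # constructed bytes
    samples = [("inquiry.chm", fake_chm), ("notes.pdf", fake_chm),
               ("report.txt", b"plain text")]
    for fname, data in samples:
        print(fname, "->", find_chm_attachments(build_sample(fname, data)))
```
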

New Mac chips already under threat of malware

In one of our recent articles, we covered how Apple’s new M1 processors are already being targeted by a Safari adware extension called GoSearch22. Security researcher Patrick Wardle advised that the malicious program was initially developed to attack Intel x86 systems but has since been altered to target Apple’s latest chip.

The M1 variant of GoSearch22 reportedly slipped past VirusTotal’s antivirus testing platform, leading Wardle to believe that most security programs are still unable to properly detect it.
