"New Phishing Attack Uses Sophisticated Infostealer Malware"
Security researchers at Barracuda Networks have discovered a new sophisticated phishing attack featuring a stealthy infostealer malware that exfiltrates a wide range of sensitive data. The researchers noted that the infostealer is engineered to collect comprehensive browser information and files. It extracts MasterKeys from browsers such as Chrome, Edge, Yandex, and Brave and captures session cookies, saved passwords, credit card information, and browser histories. Additionally, the malware copies data from Bitcoin-related browser extensions, including MetaMask and Coinbase Wallet. The researchers noted that the malware targets PDF files and zips entire directories, including those in the Desktop, Downloads, Documents, and specific %AppData% folders. The stolen data is then emailed to various addresses at the domain maternamedical.top, each designated for specific types of information like cookies, PDF files, and browser extensions. According to the researchers, this attack represents a new frontier in data exfiltration threats, with the malware's wide range of data collection capabilities posing severe risks. The researchers stated that most phishing attacks are associated with data theft, but here, we are looking at an attack designed for extensive data exfiltration executed by a sophisticated infostealer.
Infosecurity Magazine reports: "New Phishing Attack Uses Sophisticated Infostealer Malware"