"New StrelaStealer Phishing Attacks Hit Over 100 Organizations in E.U. and U.S."

Researchers have discovered new phishing attacks aimed at delivering the information stealer known as "StrelaStealer." According to a new report published by Palo Alto Networks' Unit 42, the campaigns impact over 100 EU and US organizations. These campaigns involve spam emails with attachments that eventually launch the StrelaStealer DLL payload. To avoid detection, attackers change the initial email attachment file format from one campaign to the next, preventing detection by previously generated signatures or patterns. StrelaStealer, first disclosed in November 2022, can siphon email login data from well-known email clients and exfiltrate it to an attacker-controlled server. This article continues to discuss findings regarding the new StrelaStealer phishing attacks.

THN reports "New StrelaStealer Phishing Attacks Hit Over 100 Organizations in E.U. and U.S."

Submitted by grigby1