Skip to main content

Separ Malware Plucks Hundreds of Companies’ Credentials in Ongoing Phish

posted onFebruary 20, 2019
by l33tdawg
Threat Post
Credit: Threat Post

An ongoing phishing campaign is using malicious PDF documents to spread Separ malware and ultimately steal victims’ browser and email credentials.

Since the attack started at the end of January, it has affected around 200 companies and over 1,000 individuals, located mainly in Southeast Asia, the Middle East, and North America – and the bad actors behind the attack continue to upload stolen data daily, researchers with Deep Instinct told Threatpost.

The campaign’s effectiveness stems from a simple but dangerous tactic used by the Separ credential-stealer for evading detection: Using a combination of legitimate executable files and short scripts. “Although the attack mechanism used by this malware is very simple, and no attempt has been made by the attacker to evade analysis, the growth in the number of victims claimed by this malware shows that simple attacks can be very effective,” said Guy Propper with Deep Instinct in a Tuesday post.

Source

Tags

Industry News

You May Also Like

Recent News

Friday, November 29th

Tuesday, November 19th

Friday, November 8th

Friday, November 1st

Tuesday, July 9th

Wednesday, July 3rd

Friday, June 28th

Thursday, June 27th

Thursday, June 13th

Wednesday, June 12th

Tuesday, June 11th