Skip to main content

This massive phishing campaign delivers password-stealing malware disguised as ransomware

posted onMay 25, 2021
by l33tdawg
Flickr
Credit: Flickr

A massive phishing campaign is distributing what looks like ransomware but is in fact trojan malware that creates a backdoor into Windows systems to steal usernames, passwords and other information from victims.

Detailed by cybersecurity researchers at Microsoft, the latest version of the Java-based STRRAT malware is being sent out via a large email campaign, which uses compromised email accounts to distribute messages claiming to be related to payments, alongside an image posing as a PDF attachment that looks like it has information about the supposed transfer.

When the user opens this file, they're connected to a malicious domain that downloads STRRAT malware onto the machine. The updated version of the malware is what researchers describe as "notably more obfuscated and modular than previous versions", but it retains the same backdoor functions, including the ability to collect passwords, log keystrokes, run remote commands and PowerShell, and more – ultimately giving the attacker full control over the infected machine.

Source

Tags

Security

You May Also Like

Recent News

Tuesday, November 19th

Friday, November 8th

Friday, November 1st

Tuesday, July 9th

Wednesday, July 3rd

Friday, June 28th

Thursday, June 27th

Thursday, June 13th

Wednesday, June 12th

Tuesday, June 11th