Security News > 2020 > January > FTCODE Ransomware Now Steals Chrome, Firefox Credentials

FTCODE Ransomware Now Steals Chrome, Firefox Credentials
2020-01-21 15:02

New versions of the ransomware now sniff out saved credentials for Internet Explorer, Mozilla Firefox, Mozilla Thunderbird, Google Chrome and Microsoft Outlook.

FTCODE, a PowerShell-based ransomware that targets Italian-language users, has added new capabilities, including the ability to swipe saved web browser and email client credentials from victims.

Researchers say new versions of the ransomware now aim to steal credentials from Internet Explorer and Mozilla Firefox, as well as email clients Mozilla Thunderbird, Google Chrome and Microsoft Outlook.

The attack chain for FTCODE previously started with spam emails being sent to victims containing malicious macro documents, which when clicked downloaded the ransomware.

As ransomware attacks can be extremely damaging to businesses, more ransomware strains are continuously evolving to update their targeting and capabilities.


News URL

https://threatpost.com/ftcode-ransomware-steals-chrome-firefox-credentials/152022/