Security News > 2020 > January > Updated FTCODE Ransomware Now Steals Credentials, Passwords

Updated FTCODE Ransomware Now Steals Credentials, Passwords
2020-01-22 20:48

FTCODE, a ransomware strain that has been active since at least 2013, has recently been revamped to include new features, including the ability to steal credentials and passwords from web browsers and email clients, according to two research reports released this week.

When examining these new ransomware samples, analysts found that FTCODE had recently been updated to steal credentials and passwords from popular browsers, including Microsoft Internet Explorer, Mozilla Firefox and Google Chrome, according to an analysis by Zscaler ThreatLabZ researchers Rajdeepsinh Dodia, Amandeep Kumar and Atinderpal Singh.

It's not clear how many victims have been hit with this ransomware strain, but its ability to encrypt files, as well steal credentials and passwords, has security analysts watching FTCODE more closely.

"The FTCODE ransomware campaign is rapidly changing," the Zscaler analysis states.

Once the FTCODE ransomware is downloaded, it conducts basic recognizance of the infected device and connects with a command-and-control server and awaits instructions, according to Positive Technologies.


News URL

https://www.inforisktoday.com/updated-ftcode-ransomware-now-steals-credentials-passwords-a-13638