Security News > 2020 > December > New Windows Trojan Steals Browser Credentials, Outlook Files
Researchers have discovered a new information-stealing trojan, which targets Microsoft Windows systems with an onslaught of data-exfiltration capabilities- from collecting browser credentials to targeting Outlook files.
"AridViper is an active threat group that continues developing new tools as part of their arsenal," researchers with Palo Alto's Unit42 research team said in a Monday analysis.
"The usage of Python built-in libraries is expected for multiple purposes, such as interacting with Windows processes, Windows registry, networking, file system and so on," said researchers.
While PyMicropsia is designed to target Windows operating systems only, researchers found snippets in the code that check for other operating systems.
"For now, the code found is very simple, and could be part of a copy and paste effort when building the Python code, but in any case, we plan to keep it on our radar while researching new activity."
News URL
https://threatpost.com/windows-trojan-steals-browser-credentials-outlook-files/162223/
Related news
- Windows 10 KB5051974 update force installs new Microsoft Outlook app (source)
- New Xerox Printer Flaws Could Let Attackers Capture Windows Active Directory Credentials (source)
- Microsoft fixes Outlook drag-and-drop broken by Windows updates (source)
- Researchers Expose New Polymorphic Attack That Clones Browser Extensions to Steal Credentials (source)
- New Android Trojan Crocodilus Abuses Accessibility to Steal Banking and Crypto Credentials (source)