Security News > 2021 > February > Masslogger Swipes Microsoft Outlook, Google Chrome Credentials
Cybercriminals are targeting Windows users with a new variant of the Masslogger trojan, which is spyware designed to swipe victims' credentials from Microsoft Outlook, Google Chrome and various instant-messenger accounts.
When the Masslogger variant launched its infection chain, it disguised its malicious RAR files as Compiled HTML files.
These emails contained RAR attachments - however, of note, while the typical filename extensions for RAR files is.
The files were named with the pattern "r00," with the numbers growing per file in each email.
The Compiled HTML file format is used for help documentation - the files are compiled and saved in a compressed HTML format.
The Masslogger payload contains the functionality to target and steal credentials from the following applications: Pidgin, the FileZilla File Transfer Protocol client, the Discord group-chatting platform, NordVPN, Outlook, FoxMail, Firefox, Thunderbird, QQ Browser and Chromium-based browsers.
News URL
https://threatpost.com/masslogger-microsoft-outlook-google-chrome/164011/
Related news
- Google Chrome's AI-powered security feature rolls out to everyone (source)
- Google Chrome disables uBlock Origin for some in Manifest v3 rollout (source)
- Windows 10 KB5051974 update force installs new Microsoft Outlook app (source)
- Microsoft fixes Outlook drag-and-drop broken by Windows updates (source)
- Microsoft names alleged credential-snatching 'Azure Abuse Enterprise' operators (source)
- Google Cuts Off uBlock Origin on Chrome as Firefox Stands Firm on Ad Blockers (source)
- Microsoft says button to restore classic Outlook is broken (source)
- Microsoft Warns of StilachiRAT: A Stealthy RAT Targeting Credentials and Crypto Wallets (source)
- Microsoft Exchange Online outage affects Outlook web users (source)
- Malicious ads target Semrush users to steal Google account credentials (source)