Security News > 2021 > February > Masslogger Swipes Microsoft Outlook, Google Chrome Credentials
Cybercriminals are targeting Windows users with a new variant of the Masslogger trojan, which is spyware designed to swipe victims' credentials from Microsoft Outlook, Google Chrome and various instant-messenger accounts.
When the Masslogger variant launched its infection chain, it disguised its malicious RAR files as Compiled HTML files.
These emails contained RAR attachments - however, of note, while the typical filename extensions for RAR files is.
The files were named with the pattern "r00," with the numbers growing per file in each email.
The Compiled HTML file format is used for help documentation - the files are compiled and saved in a compressed HTML format.
The Masslogger payload contains the functionality to target and steal credentials from the following applications: Pidgin, the FileZilla File Transfer Protocol client, the Discord group-chatting platform, NordVPN, Outlook, FoxMail, Firefox, Thunderbird, QQ Browser and Chromium-based browsers.
News URL
https://threatpost.com/masslogger-microsoft-outlook-google-chrome/164011/
Related news
- Google Chrome gets a mind of its own for some security fixes (source)
- Google Chrome Switches to ML-KEM for Post-Quantum Cryptography Defense (source)
- New Google Chrome feature will translate complex pages in real time (source)
- New Octo Android malware version impersonates NordVPN, Google Chrome (source)
- Lazarus hackers used fake DeFi game to exploit Google Chrome zero-day (source)
- How to enable Safe Browsing in Google Chrome on Android (source)
- Lazarus Group Exploits Google Chrome Vulnerability to Control Infected Devices (source)
- New tool bypasses Google Chrome’s new cookie encryption system (source)
- Malware locks browser in kiosk mode to steal Google credentials (source)
- Chrome Users Can Now Sync Passkeys Across Devices with New Google PIN Feature (source)