Security News > 2022 > May > Ukraine warns of “chemical attack” phishing pushing stealer malware

Ukraine's Computer Emergency Response Team is warning of the mass distribution of Jester Stealer malware via phishing emails using warnings of impending chemical attacks to scare recipients into opening attachments.
Ukrainians live under constant fear of such attacks, so these phishing emails pose as chemical attack warnings to ensure that recipients won't ignore them.
The payload dropped on the victim's system is Jester Stealer, an info-stealing malware strain gaining popularity in 2022 thanks to its extensive capabilities and affordable prices.
Jester Stealer is a powerful information-stealing trojan that steals data stored in browsers such as account passwords, messages on email clients, discussions on IM apps, and cryptocurrency wallet details.
A unique characteristic of Jester Stealer is its use of AES-CBC-256 encryption for communicating with its operators via Tor network servers and transmitting the stolen data to private Telegram channels.
Jester Stealer is licensed to anyone for $99 per month or $249 for lifetime access, so chances are this campaign is orchestrated by low-skilled opportunists.