New Emotet Variant Stealing Users' Credit Card Information from Google Chrome

The notorious Emotet malware has begun deploying a new module designed to siphon credit card information stored in the Chrome web browser.
The credit card stealer, which exclusively singles out Chrome, has the ability to exfiltrate the collected information to different remote command-and-control servers, according to enterprise security company Proofpoint, which observed the component on June 6.
The development comes amid a spike in Emotet activity since it was resurrected late last year following a 10-month-long hiatus in the wake of a law enforcement operation that took down its attack infrastructure in January 2021.
Emotet, attributed to a threat actor known as TA542, is an advanced, self-propagating and modular trojan that's delivered via email campaigns and is used as a distributor for other payloads such as ransomware.
As of April 2022, Emotet is still the most popular malware with a global impact of 6% of organizations worldwide, followed by Formbook and Agent Tesla, per Check Point, with the malware testing out new delivery methods using OneDrive URLs and PowerShell in.
"The size of Emotet's latest LNK and XLL campaigns was significantly smaller than those distributed via compromised DOC files seen in March," Dušan Lacika, senior detection engineer at Dušan Lacika, said.
News URL
https://thehackernews.com/2022/06/new-emotet-variant-stealing-users.html