Security News > 2023 > January > Italian Users Warned of Malware Attack Targeting Sensitive Information
A new malware campaign has been observed targeting Italy with phishing emails designed to deploy an information stealer on compromised Windows systems.
"The info-stealer malware steals sensitive information like system info, crypto wallet and browser histories, cookies, and credentials of crypto wallets from victim machines," Uptycs security researcher Karthickkumar Kathiresan said in a report.
The multi-stage infection sequence commences with an invoice-themed phishing email containing a link that, when clicked, downloads a password-protected ZIP archive file, which harbors two files: A shortcut file and a batch file.
Irrespective of which file is launched, the attack chain remains the same, as opening the shortcut file fetches the same batch script designed to install the information stealer payload from a GitHub repository.
Once installed, the C#-based malware gathers system metadata, and information from dozens of web browsers, as well as several cryptocurrency wallets, all of which is transmitted to an actor-controlled domain.
To mitigate such attacks, organizations are recommended to implement "Tight security controls and multi-layered visibility and security solutions to identify and detect malware."
News URL
https://thehackernews.com/2023/01/italian-users-warned-of-malware-attack.html
Related news
- Astaroth Banking Malware Resurfaces in Brazil via Spear-Phishing Attack (source)
- VEILDrive Attack Exploits Microsoft Services to Evade Detection and Distribute Malware (source)
- Iranian Hackers Use "Dream Job" Lures to Deploy SnailResin Malware in Aerospace Attacks (source)
- Iranian Hackers Deploy WezRat Malware in Attacks Targeting Israeli Organizations (source)