Security News > 2023 > September > ZenRAT Malware Targets Windows Users Via Fake Bitwarden Password Manager Installation Package
Windows operating systems are the target of new malware dubbed ZenRAT by U.S.-based cybersecurity company Proofpoint.
The attackers built a website that impersonates the popular Bitwarden password manager; if accessed via Windows, the fake site delivers the ZenRAT malware disguised as Bitwarden software.
The malware ensures it doesn't already run on the system by checking for a specific mutex and that the hard drive isn't less than 95GB in size, which might indicate a sandbox system to the malware.
ZenRAT pretends to be a Bitwarden password manager package.
Figure A. If accessed via a Windows operating system, the fake website delivers the ZenRAT malware disguised as Bitwarden software.
Proofpoint indicated it's not known how the malware is being distributed; however, links to the fake Bitwarden website are probably sent to targets via email, social networks, instant messaging, via fake ads or SEO poisoning.
News URL
https://www.techrepublic.com/article/zenrat-malware-targets-windows-users/
Related news
- North Korean ScarCruft Exploits Windows Zero-Day to Spread RokRAT Malware (source)
- Russia targets Ukrainian conscripts with Windows, Android malware (source)
- New SteelFox malware hijacks Windows PCs using vulnerable driver (source)
- New CRON#TRAP Malware Infects Windows by Hiding in Linux VM to Evade Antivirus (source)