New Phishing Attack Uses Sophisticated Infostealer Malware

14-August-24

Threat analysts have uncovered a new, sophisticated phishing attack featuring stealthy infostealer malware that exfiltrates a wide range of sensitive data. The emails, characterized by grammatical errors, appear to come from a fake address. The attachment contains an ISO disc image file, a precise replica of data from optical discs like CDs or DVDs. Embedded within this image file is an HTA (HTML Application) file, which enables the execution of applications on the desktop without the security limitations of a browser. The malware extracts MasterKeys from browsers such as Chrome, Edge, Yandex and Brave, and captures session cookies, saved passwords, credit card information and browser histories. Additionally, the malware copies data from Bitcoin-related browser extensions, including MetaMask and Coinbase Wallet.


The malware targets PDF files and zips entire directories, including those in the Desktop, Downloads, Documents and specific %AppData% folders.
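A triage check for the delivery chain described above (an ISO attachment carrying an HTA file), added here as an example and not taken from the original article: it walks the ISO 9660 directory tree of an attachment and reports `.hta` entries. The function names and the sample image are constructed for illustration, and the parser reads only the primary volume descriptor (Joliet and UDF structures are not handled).

```python
import struct
SECTOR = 2048  # ISO 9660 logical sector size

def list_iso_files(image: bytes):
    """Yield (path, size) for files reachable from the primary volume descriptor."""
    pvd = image[16 * SECTOR:17 * SECTOR]  # volume descriptors start at sector 16
    if len(pvd) < 190 or pvd[:6] != b"\x01CD001":
        raise ValueError("no ISO 9660 primary volume descriptor")
    stack, seen = [("",) + struct.unpack_from("<I4xI", pvd, 158)], set()  # root record at 156
    while stack:
        prefix, lba, size = stack.pop()
        if lba in seen:  # hostile images can contain directory loops
            continue
        seen.add(lba)
        data, pos = image[lba * SECTOR:lba * SECTOR + size], 0
        while pos < len(data):
            rec = data[pos:pos + data[pos]]
            if not rec:  # zero length byte: padding up to the next sector
                pos = (pos // SECTOR + 1) * SECTOR
                continue
            pos += len(rec)
            if len(rec) < 34:  # truncated record, stop reading this directory
                break
            name = rec[33:33 + rec[32]].decode("ascii", "replace")
            if name in ("\x00", "\x01"):  # self and parent entries
                continue
            e_lba, e_size = struct.unpack_from("<I4xI", rec, 2)  # extent LBA, data length
            if rec[25] & 0x02:  # directory flag: descend later
                stack.append((prefix + name + "/", e_lba, e_size))
            else:
                yield prefix + name.split(";")[0], e_size  # drop the ";1" version suffix

def flag_hta(image: bytes, exts=(".hta",)):
    """Paths in the image with a watched extension (HTA, the type the article names)."""
    return [p for p, _ in list_iso_files(image) if p.lower().endswith(tuple(exts))]

def _rec(name, lba, size, is_dir=False):  # one directory record, for the sample only
    both = lambda v: struct.pack("<I", v) + struct.pack(">I", v)
    body = both(lba) + both(size) + bytes(7) + bytes([2 * is_dir, 0, 0, 1, 0, 0, 1, len(name)]) + name
    return bytes([len(body) + 2 + len(body) % 2, 0]) + body + bytes(len(body) % 2)

def sample_iso() -> bytes:
    """Constructed image: /README.TXT and /DOCS/INVOICE.HTA (not a real sample)."""
    dot, up = _rec(b"\x00", 18, SECTOR, True), _rec(b"\x01", 18, SECTOR, True)
    root = dot + up + _rec(b"README.TXT;1", 20, 5) + _rec(b"DOCS", 19, SECTOR, True)
    docs = _rec(b"\x00", 19, SECTOR, True) + up + _rec(b"INVOICE.HTA;1", 21, 9)
    pvd = b"\x01CD001\x01" + bytes(149) + dot
    sectors = [b""] * 16 + [pvd, b"\xffCD001\x01", root, docs, b"hello", b"test-only"]
    return b"".join(s.ljust(SECTOR, b"\x00") for s in sectors)
```

Calling `flag_hta(sample_iso())` returns the one HTA path in the constructed image; a non-empty result on a real attachment is a reason to quarantine the message for review.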
