
Italian Users Warned of Malware Attack Targeting Sensitive Information

Jan 10, 2023 | Ravie Lakshmanan | Cyber Threat / Data Security

A new malware campaign has been observed targeting Italy with phishing emails designed to deploy an information stealer on compromised Windows systems.

“The info-stealer malware steals sensitive information like system info, crypto wallet and browser histories, cookies, and credentials of crypto wallets from victim machines,” Uptycs security researcher Karthickkumar Kathiresan said in a report.

Details of the campaign were first disclosed by Milan-based IT services firm SI.net last month.

The multi-stage infection sequence commences with an invoice-themed phishing email containing a link that, when clicked, downloads a password-protected ZIP archive containing two files: a shortcut (.LNK) file and a batch (.BAT) file.

Irrespective of which file is launched, the attack chain remains the same, as opening the shortcut file fetches the same batch script designed to install the information stealer payload from a GitHub repository. This is achieved by leveraging a legitimate PowerShell binary that’s also retrieved from GitHub.

Once installed, the C#-based malware gathers system metadata and information from dozens of web browsers (e.g., cookies, bookmarks, credit cards, downloads, and credentials), as well as from several cryptocurrency wallets, all of which is transmitted to an actor-controlled domain.

To mitigate such attacks, organizations are advised to implement “tight security controls and multi-layered visibility and security solutions to identify and detect malware.”
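One check a download scanner or endpoint tool could run against the delivery format described above, as an added example that is not from the article or the Uptycs report: it flags a password-protected ZIP that carries a shortcut or batch file, without needing the password. It assumes the archive uses standard ZIP encryption, which leaves entry names and the per-entry encryption flag readable in the central directory; the file names and the `triage_zip` and `build_sample` helpers are constructed for illustration.

```python
import io
import zipfile
from pathlib import PurePosixPath

# Extensions of the two files the article says the archive contains.
LAUNCHER_EXTS = {".lnk", ".bat"}
ENCRYPTED_FLAG = 0x1  # bit 0 of the ZIP general-purpose flags


def triage_zip(data: bytes) -> dict:
    """Read only the central directory; no entry is opened or decrypted."""
    with zipfile.ZipFile(io.BytesIO(data)) as zf:
        entries = zf.infolist()
    encrypted = any(e.flag_bits & ENCRYPTED_FLAG for e in entries)
    launchers = sorted(
        e.filename for e in entries
        if PurePosixPath(e.filename.lower()).suffix in LAUNCHER_EXTS
    )
    seen_exts = {PurePosixPath(n.lower()).suffix for n in launchers}
    return {
        "encrypted": encrypted,
        "launchers": launchers,
        # Exact pairing from the article: both a .lnk and a .bat present.
        "lnk_and_bat": seen_exts == LAUNCHER_EXTS,
        # Content scanners cannot look inside an encrypted entry, so an
        # encrypted archive that ships a launcher is held for review.
        "quarantine": encrypted and bool(launchers),
    }


def build_sample(names, encrypted):
    """Constructed test archive: placeholder bytes, flag bit set by hand."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        for name in names:
            zf.writestr(name, b"placeholder")
        if encrypted:
            # Mark entries as encrypted in the central directory, which is
            # written when the archive is closed. Contents stay harmless.
            for info in zf.infolist():
                info.flag_bits |= ENCRYPTED_FLAG
    return buf.getvalue()


if __name__ == "__main__":
    # Constructed file names, not taken from the campaign.
    print(triage_zip(build_sample(["invoice.lnk", "invoice.bat"], True)))
    print(triage_zip(build_sample(["report.pdf"], False)))
```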
