
This malware can steal your saved passwords, credit card details from Chrome, Firefox browsers

by Chief Editor
May 15, 2018
in Virus

NEW DELHI: A new malware called Vega Stealer is doing the rounds on the internet. Researchers claim that Vega Stealer is designed to gather saved financial data from the Firefox and Google Chrome browsers. The researchers from Proofpoint say that the malware is being used for small phishing attacks but has the potential to become a threat to businesses in the future.

Vega Stealer is a variant of August Stealer, and it finds and steals credentials, confidential documents, cryptocurrency wallet details and other important information. The researchers claim that the malware focuses on the theft of saved credentials and payment information from Google Chrome.

The credentials consist of passwords, profiles, saved credit card details and cookies. When the Firefox browser is in use, on the other hand, the malware focuses on specific files that store information like keys and passwords.

Apart from stealing information, the malware also captures screenshots of the infected device and scans for files that end with .doc, .docx, .txt, .rtf, .xls, .xlsx, or .pdf for exfiltration. The researchers also add that the malware is presently being used to target businesses in the fields of advertising, marketing, retail, manufacturing and public relations.

The phishing campaign designed to spread the malware is not a very sophisticated one. The hackers just send an email with the subject line “Online store developer required”. Some of these emails target businesses while others focus on individuals. The emails carry an attachment called “brief.doc”, which contains malicious macros that download Vega Stealer onto the system.

The researchers highlight, “The macro retrieves the payload in a two-step process in which junk functions iterate while simultaneously building a string to be executed using a GetObject function. This string is the first request in the two-step process (Figure 2). The first request executed by the document retrieves an obfuscated JScript/PowerShell script. The execution of the resulting PowerShell script creates the second request, which in turn downloads the executable payload of Vega Stealer. The payload is saved to the victim machine in the user’s “Music” directory with a filename of “ljoyoxu.pkzip”. Once this file is downloaded and saved, it is executed automatically via the command line.”

“The document macro utilized in this campaign is a commodity macro that we believe is for sale and used by multiple actors, including the threat actor spreading Emotet banking Trojan,” the researchers say. “However, the URL patterns from which the macro retrieves the payload are the same as those used by an actor we are tracking who distributes the Ursnif banking Trojan, which often downloads secondary payloads such as Nymaim, Gootkit, or IcedID. As a result, we attribute this campaign to the same actor with medium confidence.”
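The delivery chain quoted above (an Office document starting a script host, then a non-media file being run from the user's Music directory) can be checked for in process-creation logs. The following Python example is added here and is not code from Proofpoint or the original article; the event field names, rule names and sample events are constructed for illustration, and the location of brief.doc in the sample is an assumption.

```python
import re
from pathlib import PureWindowsPath

OFFICE = {"winword.exe", "excel.exe", "powerpnt.exe"}
SCRIPT_HOSTS = {"powershell.exe", "wscript.exe", "cscript.exe", "cmd.exe"}
MEDIA_EXT = {".mp3", ".wav", ".flac", ".m4a", ".wma", ".ogg", ".aac"}
# A path under a user's Music directory, quoted (may contain spaces) or bare.
MUSIC_PATH = re.compile(
    r'"([A-Za-z]:\\Users\\[^\\"]+\\Music\\[^"]+)"'
    r'|([A-Za-z]:\\Users\\[^\\"\s]+\\Music\\[^"\s]+)', re.I)

def exe_name(path):
    return PureWindowsPath(path).name.lower()

def classify(event):
    """Return the heuristics matched by one process-creation event."""
    hits = []
    child = exe_name(event["image"])
    # Rule 1: an Office application starts a script host or shell.
    if exe_name(event["parent"]) in OFFICE and child in SCRIPT_HOSTS:
        hits.append("office_spawns_script_host")
    # Rule 2: a non-media file in a Music directory is run, either as the
    # process image or through a shell. Independent of the parent process.
    launched = MUSIC_PATH.findall(event["cmdline"]) if child in SCRIPT_HOSTS else []
    launched += MUSIC_PATH.findall('"%s"' % event["image"])
    if any(PureWindowsPath(q or u).suffix.lower() not in MEDIA_EXT
           for q, u in launched):
        hits.append("non_media_file_run_from_music_dir")
    return hits

def detect(events):
    return {i: h for i, e in enumerate(events) if (h := classify(e))}

# Constructed Sysmon Event ID 1 style samples (not from a real incident).
WORD = r"C:\Program Files\Microsoft Office\Office16\WINWORD.EXE"
PS = r"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe"
EVENTS = [
    {"parent": r"C:\Windows\explorer.exe", "image": WORD,
     "cmdline": r'WINWORD.EXE "C:\Users\alice\Downloads\brief.doc"'},
    {"parent": WORD, "image": PS,
     "cmdline": "powershell.exe -NoProfile -Command <constructed>"},
    {"parent": PS, "image": r"C:\Windows\System32\cmd.exe",
     "cmdline": r'cmd.exe /c "C:\Users\alice\Music\ljoyoxu.pkzip"'},
    {"parent": r"C:\Windows\explorer.exe",
     "image": r"C:\Program Files\Player\player.exe",
     "cmdline": r'player.exe "C:\Users\alice\Music\My Song.mp3"'},
]

if __name__ == "__main__":
    print(detect(EVENTS))
```

The second rule matches on the directory and file type rather than the filename “ljoyoxu.pkzip”, since a filename is trivial for an actor to change between campaigns.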

Source: gadgetsnow.com