Almost every computer user has more than one account for social networking sites, email accounts, bank accounts, online shopping portals, etc. And for obvious reasons, it becomes difficult for them to remember their login credentials, and this gives away to a habit of saving username and passwords in web browsers, email clients, FTP clients, etc. There are several malware in the wild designed to steal such stored passwords. Stolen passwords are used by hackers in various campaigns like phishing emails attacks, hosting malicious files on FTP or web servers and to fetch handsome money in online black markets. Business enterprises can pay a heavy price if the accounts of their important or key employees are compromised.
Malware authors are increasingly using automation tools to manage the data they manage to steal. This post gives an insight into a password-stealing malware campaign which was started in March 2016.
Download this PDF to read the complete report
Security measures to take
1. Don’t save credentials on web browsers for your personal accounts.
2. Don’t open attachments or click on links in emails from unknown or unsolicited sources.
3. Apply security patches and updates for Operating System, Microsoft Office, Adobe Reader, Java and other programs/applications.
4. Keep Macro execution option disabled for Microsoft office as attackers are increasingly using Macro-based malware.
Subject Matter Expert
• Sagar Daundkar (Threat Research & Response Team, Quick Heal)