
"We have seen the credentials stolen by these stealers act as an initial infection point for larger attacks, including ransomware incidents. Since this threat delivers multiple different payloads, including information stealers, it can pose a significant threat to enterprises," said Tiago Pereira, technical lead of security research with Cisco Talos.

Researchers with Cisco Talos said on Thursday that they believe the threat actor is stealing credentials with the intent of selling them on underground forums. Magnat, a name that stems from the username in the build path of the campaign’s malware, has been using fake software installers as a lure to convince users to execute malware on their systems, with filenames that include viber-25164.exe and wechat-35355.exe.

Researchers have detailed a threat actor, which they call Magnat, deploying a new backdoor and an undocumented malicious Google Chrome extension in malware attacks that date back to 2018.
