Sunday, February 28, 2021
  • Setup menu at Appearance » Menus and assign menu to Top Bar Navigation
Advertisement
  • AI Development
    • Artificial Intelligence
    • Machine Learning
    • Neural Networks
    • Learn to Code
  • Data
    • Blockchain
    • Big Data
    • Data Science
  • IT Security
    • Internet Privacy
    • Internet Security
  • Marketing
    • Digital Marketing
    • Marketing Technology
  • Technology Companies
  • Crypto News
No Result
View All Result
NikolaNews
  • AI Development
    • Artificial Intelligence
    • Machine Learning
    • Neural Networks
    • Learn to Code
  • Data
    • Blockchain
    • Big Data
    • Data Science
  • IT Security
    • Internet Privacy
    • Internet Security
  • Marketing
    • Digital Marketing
    • Marketing Technology
  • Technology Companies
  • Crypto News
No Result
View All Result
NikolaNews
No Result
View All Result
Home Internet Privacy

Masslogger Trojan Upgraded to Steal All Your Outlook, Chrome Credentials

February 19, 2021
in Internet Privacy
Masslogger Trojan Upgraded to Steal All Your Outlook, Chrome Credentials
585
SHARES
3.3k
VIEWS
Share on FacebookShare on Twitter

A credential stealer infamous for targeting Windows systems has resurfaced in a new phishing campaign that aims to steal credentials from Microsoft Outlook, Google Chrome, and instant messenger apps.

Primarily directed against users in Turkey, Latvia, and Italy starting mid-January, the attacks involve the use of MassLogger — a .NET-based malware with capabilities to hinder static analysis — building on similar campaigns undertaken by the same actor against users in Bulgaria, Lithuania, Hungary, Estonia, Romania, and Spain in September, October, and November 2020.

You might also like

Cisco Releases Security Patches for Critical Flaws Affecting its Products

Malicious Amazon Alexa Skills Can Easily Bypass Vetting Process

North Korean Hackers Targeting Defense Firms with ThreatNeedle Malware

MassLogger was first spotted in the wild last April, but the presence of a new variant implies malware authors are constantly retooling their arsenal to evade detection and monetize them.

password auditor

“Although operations of the Masslogger trojan have been previously documented, we found the new campaign notable for using the compiled HTML file format to start the infection chain,” researchers with Cisco Talos said on Wednesday.

Masslogger

Compiled HTML (or .CHM) is a proprietary online help format developed by Microsoft that’s used to provide topic-based reference information.

The new wave of attacks commences with phishing messages containing “legitimate-looking” subject lines that appear to relate to a business.

One of the emails targeted at Turkish users had the subject “Domestic customer inquiry,” with the body of the message referencing an attached quote. In September, October and November, the emails took the form of a “memorandum of understanding,” urging the recipient to sign the document.

Masslogger

Regardless of the message theme, the attachments adhere to the same format: a RAR multi-volume filename extension (e.g., “70727_YK90054_Teknik_Cizimler.R09”) in a bid to bypass attempts to block RAR attachments using its default filename extension “.RAR.”

These attachments contain a single compiled HTML file that, when opened, displays the message “Customer service,” but in fact comes embedded with obfuscated JavaScript code to create an HTML page, which in turn contains a PowerShell downloader to connect to a legitimate server and fetch the loader ultimately responsible for launching the MassLogger payload.

Aside from exfiltrating the amassed data via SMTP, FTP or HTTP, the latest version of MassLogger (version 3.0.7563.31381) features functionality to pilfer credentials from Pidgin messenger client, Discord, NordVPN, Outlook, Thunderbird, Firefox, QQ Browser, and Chromium-based browsers such as Chrome, Edge, Opera, and Brave.

“Masslogger can be configured as a keylogger, but in this case, the actor has disabled this functionality,” the researchers noted, adding the threat actor installed a version of Masslogger control panel on the exfiltration server.

With the campaign almost entirely executed and present only in memory with the sole exception of the compiled HTML help file, the significance of conducting regular memory scans cannot be overstated enough.

“Users are advised to configure their systems for logging PowerShell events such as module loading and executed script blocks as they will show executed code in its deobfuscated format,” the researchers concluded.


Credit: The Hacker News By: noreply@blogger.com (Ravie Lakshmanan)

Previous Post

Working on Open Source AI Project to Tune Models 

Next Post

Ditching LastPass? Here are some alternatives to try

Related Posts

Cisco Releases Security Patches for Critical Flaws Affecting its Products
Internet Privacy

Cisco Releases Security Patches for Critical Flaws Affecting its Products

February 27, 2021
Malicious Amazon Alexa Skills Can Easily Bypass Vetting Process
Internet Privacy

Malicious Amazon Alexa Skills Can Easily Bypass Vetting Process

February 26, 2021
North Korean Hackers Targeting Defense Firms with ThreatNeedle Malware
Internet Privacy

North Korean Hackers Targeting Defense Firms with ThreatNeedle Malware

February 26, 2021
Russian Hackers Targeted Ukraine Authorities With Supply-Chain Malware Attack
Internet Privacy

Russian Hackers Targeted Ukraine Authorities With Supply-Chain Malware Attack

February 26, 2021
Chinese Hackers Using Firefox Extension to Spy On Tibetan Organizations
Internet Privacy

Chinese Hackers Using Firefox Extension to Spy On Tibetan Organizations

February 25, 2021
Next Post
Ditching LastPass? Here are some alternatives to try

Ditching LastPass? Here are some alternatives to try

Leave a Reply Cancel reply

Your email address will not be published. Required fields are marked *

Recommended

Plasticity in Deep Learning: Dynamic Adaptations for AI Self-Driving Cars

Plasticity in Deep Learning: Dynamic Adaptations for AI Self-Driving Cars

January 6, 2019
Microsoft, Google Use Artificial Intelligence to Fight Hackers

Microsoft, Google Use Artificial Intelligence to Fight Hackers

January 6, 2019

Categories

  • Artificial Intelligence
  • Big Data
  • Blockchain
  • Crypto News
  • Data Science
  • Digital Marketing
  • Internet Privacy
  • Internet Security
  • Learn to Code
  • Machine Learning
  • Marketing Technology
  • Neural Networks
  • Technology Companies

Don't miss it

Cybercrime groups are selling their hacking skills. Some countries are buying
Internet Security

Cybercrime groups are selling their hacking skills. Some countries are buying

February 28, 2021
New AI Machine Learning Reduces Mental Health Misdiagnosis
Machine Learning

Machine Learning May Reduce Mental Health Misdiagnosis

February 28, 2021
Why would you ever trust Amazon’s Alexa after this?
Internet Security

Why would you ever trust Amazon’s Alexa after this?

February 28, 2021
AI & ML Are Not Same. Here's Why – Analytics India Magazine
Machine Learning

AI & ML Are Not Same. Here's Why – Analytics India Magazine

February 27, 2021
Microsoft: We’ve open-sourced this tool we used to hunt for code by SolarWinds hackers
Internet Security

Microsoft: We’ve open-sourced this tool we used to hunt for code by SolarWinds hackers

February 27, 2021
Is Wattpad and its machine learning tool the future of TV? — Quartz
Machine Learning

Is Wattpad and its machine learning tool the future of TV? — Quartz

February 27, 2021
NikolaNews

NikolaNews.com is an online News Portal which aims to share news about blockchain, AI, Big Data, and Data Privacy and more!

What’s New Here?

  • Cybercrime groups are selling their hacking skills. Some countries are buying February 28, 2021
  • Machine Learning May Reduce Mental Health Misdiagnosis February 28, 2021
  • Why would you ever trust Amazon’s Alexa after this? February 28, 2021
  • AI & ML Are Not Same. Here's Why – Analytics India Magazine February 27, 2021

Subscribe to get more!

© 2019 NikolaNews.com - Global Tech Updates

No Result
View All Result
  • AI Development
    • Artificial Intelligence
    • Machine Learning
    • Neural Networks
    • Learn to Code
  • Data
    • Blockchain
    • Big Data
    • Data Science
  • IT Security
    • Internet Privacy
    • Internet Security
  • Marketing
    • Digital Marketing
    • Marketing Technology
  • Technology Companies
  • Crypto News

© 2019 NikolaNews.com - Global Tech Updates