Beware: This new malware can steal your passwords and hijack your webcam

May 18th, 2021 at 9:00 AM
Cybersecurity news

Cybersecurity news has been dominated in recent days by the fallout from the Russian ransomware gang you’ve no doubt heard about by now, the one that hacked the IT network of a major US fuel pipeline and sent US national security officials scrambling. We will be reeling from the effects of this attack, one way or another, for a long time to come, while a slew of additional new threats and cybersecurity news is still keeping security professionals busy on multiple fronts.

Microsoft in recent days sent out an alert about one such threat — a remote access tool called RevengeRAT that, according to Microsoft, appears to be targeting the aerospace and travel industries with spear-phishing emails. This particular threat is delivered via an email designed to fool the recipient into thinking it’s genuine and thus opening it, along with an attached Adobe PDF file that goes on to download a malicious file.

Microsoft goes on to explain that attackers use these kinds of remote access Trojans for everything from data theft to follow-on activity, as well as the delivery of additional attack payloads that are used for data exfiltration. “The campaign uses emails that spoof legitimate organizations, with lures relevant to aviation, travel, or cargo,” explains Microsoft in a series of tweets about this threat. “An image posing as a PDF file contains an embedded link (typically abusing legitimate web services) that downloads a malicious VBScript, which drops the RAT payloads.”

These kinds of Trojans steal content like user login credentials as well as webcam images, along with anything that the system clipboard has been used to copy. Another point to note: the malicious executable content at the center of this threat campaign is a loader called Snip3. Security firm Morphisec has also pointed out another feature of Snip3: if “the script is executed within Microsoft Sandbox, VMWare, VirtualBox, or Sandboxie environments” and it identifies one of those virtual machine environments, the script terminates without loading the Trojan.

The method used to get this attack running, by the way, remains incredibly popular among hackers, partly because of how easy it is to trick at least one person within an organization or enterprise into clicking on a file from a dodgy email that has been dressed up to appear genuine. I’ve also read some unconfirmed reports that a sketchy email with a malicious file attached may have been what kicked off the Colonial Pipeline attack in recent days, which allowed the DarkSide ransomware gang to steal some 100GB of files from the pipeline company’s IT network and then lock that network down until a nearly $5 million ransom was paid.

Andy is a reporter in Memphis who also contributes to outlets like Fast Company and The Guardian. When he’s not writing about technology, he can be found hunched protectively over his burgeoning collection of vinyl, as well as nursing his Whovianism and bingeing on a variety of TV shows you probably don’t like.
