This dangerous new malware is stealing people’s passwords

May 25th, 2021 at 9:35 PM
Malware attack

Stop opening PDFs attached to emails unless you’re absolutely certain about where they originated and who is sending them to you.

Not that most of you were likely opening such email attachments with wild abandon before now, but be warned — Microsoft’s Security Intelligence team has uncovered what sounds like a Trojan malware attack as part of a “massive” email campaign with a nasty payload — malicious PDFs, which download a password- and credential-stealing Java-based remote access Trojan called StrRAT. In addition to stealing credentials and even taking control of systems, Microsoft researchers have also found that this malware can disguise itself as faked ransomware.


“When running on a system,” Microsoft explains in a tweet thread about this particular malware, “STRRAT connects to a C2 server. Version 1.5 is notably more obfuscated and modular than previous versions, but the backdoor functions mostly remain the same: collect browser passwords, run remote commands and PowerShell, log keystrokes, among others.”

In a good summary of the mechanics of this malware, Threatpost notes that the campaign gets underway with attackers compromising email accounts and using them to send out multiple kinds of emails, apparently hoping that at least one of them finds its mark. Some of the messages, for example, come with the subject line “Outgoing Payments,” which might seem innocuous enough to someone at a small business. Others purport to have come from the “Accounts Payable Department.”

“The campaign includes several different emails that all use social engineering around payment receipts to encourage people to click on an attached file that appears to be a PDF but that actually has malicious intent,” Threatpost continues.

“One email informs the recipient that it includes an ‘Outgoing Payment’ with a specific number — presumably, the attached PDF. Another addresses the message to a ‘Supplier’ and appears to let the receiver know that ‘your payment has been released as per attached payment advice,’ asking the recipient to verify adjustments made in the attached PDF.”

The delivery mechanism for this malware, phishing emails, is arguably something of a weakness, in that it requires the victim to take an action to set the whole thing in motion. Treat messages that arrive out of the blue with the skepticism they deserve, especially any that have some sort of financial component, incentive or action required.
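An added example (not from Microsoft, Threatpost or the original article) of triaging mail for the lures described above: it flags the quoted payment-themed phrases and any attachment that claims to be a PDF but lacks the `%PDF-` file header. The sample messages, addresses and the `triage` and `build_sample` names are constructed for illustration.

```python
import email
from email import policy
from email.message import EmailMessage

# Lure phrases quoted in the article; matching them is a triage heuristic only.
LURE_PHRASES = ("outgoing payment", "accounts payable department", "payment advice")

def triage(raw_bytes):
    """Return a list of findings for one raw RFC 5322 message."""
    msg = email.message_from_bytes(raw_bytes, policy=policy.default)
    findings = []
    header_text = f"{msg['Subject'] or ''} {msg['From'] or ''}".lower()
    body = msg.get_body(preferencelist=("plain",))
    body_text = body.get_content().lower() if body else ""
    for phrase in LURE_PHRASES:
        if phrase in header_text or phrase in body_text:
            findings.append(f"lure:{phrase}")
    for part in msg.iter_attachments():
        name = (part.get_filename() or "").lower()
        claims_pdf = name.endswith(".pdf") or part.get_content_type() == "application/pdf"
        data = part.get_payload(decode=True) or b""
        # A genuine PDF file begins with the "%PDF-" header.
        if claims_pdf and not data.startswith(b"%PDF-"):
            findings.append(f"fake-pdf:{name}")
    return findings

def build_sample(subject, sender, text, filename, payload):
    """Build a constructed test message with one attachment labelled as a PDF."""
    m = EmailMessage()
    m["Subject"] = subject
    m["From"] = sender
    m["To"] = "ap@example.com"
    m.set_content(text)
    m.add_attachment(payload, maintype="application", subtype="pdf", filename=filename)
    return m.as_bytes()

# Constructed samples: one mimics the lures, one is an ordinary message.
SUSPICIOUS = build_sample(
    "Outgoing Payments 48213", "Accounts Payable Department <billing@example.net>",
    "Your payment has been released as per attached payment advice.",
    "payment_advice.pdf", b"PK\x03\x04 constructed non-PDF bytes")
BENIGN = build_sample(
    "Lunch menu", "Cafeteria <cafe@example.com>", "Menu attached.",
    "menu.pdf", b"%PDF-1.4\n% constructed stub\n")

if __name__ == "__main__":
    for label, raw in (("suspicious", SUSPICIOUS), ("benign", BENIGN)):
        print(label, triage(raw))
```

A hit on either rule is a reason to quarantine and inspect the message, not proof of StrRAT; legitimate finance mail uses the same phrases.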

Microsoft, by the way, says its Microsoft 365 Defender can protect systems from StrRAT, and that machine learning-based protection can also detect and block malware on computer systems.


Andy is a reporter in Memphis who also contributes to outlets like Fast Company and The Guardian. When he’s not writing about technology, he can be found hunched protectively over his burgeoning collection of vinyl, as well as nursing his Whovianism and bingeing on a variety of TV shows you probably don’t like.
