Beware: This dangerous new malware can steal your passwords and your cryptocurrency

May 5th, 2021 at 6:37 PM

Phishing attacks have spawned a slew of new malware threats in recent days, according to researchers. They have identified a serious threat actor behind three new connected malware families, labeled Doubledrag, Doubledrop, and Doubleback, as well as an unrelated threat called Panda Stealer, a variant of a cryptocurrency stealer that is mostly being spread via global email spam.

Here’s a rundown of these new malware discoveries, including what researchers have found and what it implies.

Let’s start with a report from FireEye’s Mandiant cybersecurity team, which revealed malware strains that have never been seen before, with “professionally coded sophistication,” and that came in two waves of phishing attacks globally. These attacks hit some 50 organizations at the end of 2020, with the first wave reported on December 2 and the second wave coming between December 11 and December 18.

In both waves, the US was the main target. “In December 2020, Mandiant observed a widespread, global phishing campaign targeting numerous organizations across an array of industries,” the report notes. “Mandiant tracks this threat actor as UNC2529. Based on the considerable infrastructure employed, tailored phishing lures and the professionally coded sophistication of the malware, this threat actor appears experienced and well resourced.” These phishing campaigns were built around tricking recipients into opening emails containing inline links to malicious URLs and subsequently tricking the victim into downloading dangerous files.

Because of this, it’s worth reiterating that there’s never a bad time to brush up on the best practices governing how to protect yourself from phishing attacks and emails that, more than ever, can look like they’re the real thing — a package delivery update, or an alert from your bank or credit card company, for example. Here’s a helpful rundown of some strategies to follow to stay safe from phishing attacks.

Meantime, the Panda Stealer malware we mentioned above was revealed, thanks to researchers from Trend Micro, to be targeting people around the world, including in the US, Japan, Australia, and Germany. “Panda Stealer is deployed through spam emails posing as business quote requests to lure unwary victims into opening malicious Excel files,” the researchers explain.

This one sounds particularly nasty. “Once installed,” the researchers continue, “Panda Stealer can collect details like private keys and records of past transactions from its victim’s various digital currency wallets, including Dash, Bytecoin, Litecoin, and Ethereum. Not only does it target cryptocurrency wallets, it can steal credentials from other applications such as NordVPN, Telegram, Discord, and Steam.”

Furthermore, Panda Stealer is also able to take screenshots of the infected computer and to exfiltrate browser data such as cookies, passwords, and cards. The full Trend Micro report is definitely worth a read.

Andy is a reporter in Memphis who also contributes to outlets like Fast Company and The Guardian. When he’s not writing about technology, he can be found hunched protectively over his burgeoning collection of vinyl, as well as nursing his Whovianism and bingeing on a variety of TV shows you probably don’t like.
