Following the recent MacStealer discovery, the Uptycs threat research team uncovered a new strain of malware, dubbed Zaraza bot, which targets a large number of web browsers and is being actively distributed on a Russian Telegram hacker channel popular with threat actors.
Specifically, Zaraza bot steals login credentials from 38 web browsers including Google Chrome, Microsoft Edge, Opera, AVG Browser, Brave, and Yandex.
The newly uncovered attack campaign uses infostealer malware. This browser stealer exfiltrates sensitive information such as login credentials for online bank accounts, cryptocurrency wallets, email accounts, and other websites. Attackers then use this stolen data for malicious purposes, namely identity theft, financial fraud, and unauthorized access to personal and business accounts.
Additional details can be found in a blog post that was released yesterday.
This entry was posted on April 15, 2023 at 8:05 am and is filed under Commentary with tags Uptycs.
Uptycs Threat Research Team Has Uncovered “Zaraza bot” – A New Strain Of Malware Targeting Web Browsers