SonicWall Capture Labs Threat Research Team Uncovered A New Malware That Targets Browser Applications

SonicWall Capture Labs Threat Research Team has recently unearthed a new variant of Raccoon stealer (V1.5) that has been used in a malicious COVID-19 campaign. Like several other attacks, this campaign begins with a phishing mail purporting to carry information on how to deal with the outbreak of Covid-19. The mail then encourages the user to open the attached file "COVID-19 stop.zip" to get more details.

The zip file contains a Microsoft document in Office Open XML format. When opened, the document attempts to trick the user into enabling editing and enabling content, on the pretext of updating Windows and correcting the application. The document carries embedded malicious macro code that executes when macro content is enabled.
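A defender can check a zip attachment for this delivery pattern before it reaches a user. The following is an added example, not code from SonicWall's report: it flags Office Open XML documents inside a zip that carry a VBA project part. The function names and the sample attachment are constructed for illustration.

```python
import io
import zipfile


def macro_parts(data: bytes) -> list[str]:
    """Return VBA project parts of an OOXML package ([] if none or not OOXML)."""
    if not zipfile.is_zipfile(io.BytesIO(data)):
        return []
    with zipfile.ZipFile(io.BytesIO(data)) as pkg:
        names = pkg.namelist()
    # Every OOXML package has this part; check content, not the file extension.
    if "[Content_Types].xml" not in names:
        return []
    return [n for n in names if n.lower().endswith("vbaproject.bin")]


def scan_attachment(data: bytes) -> dict[str, list[str]]:
    """Map each macro-bearing Office document in a zip attachment to its VBA parts."""
    flagged = {}
    with zipfile.ZipFile(io.BytesIO(data)) as outer:
        for info in outer.infolist():
            if info.is_dir():
                continue
            try:
                parts = macro_parts(outer.read(info))
            except RuntimeError:  # encrypted member: cannot be inspected here
                parts = ["<encrypted, not inspected>"]
            if parts:
                flagged[info.filename] = parts
    return flagged


def build_sample(with_macro: bool) -> bytes:
    """Constructed attachment: a zip holding one minimal OOXML-like package."""
    inner = io.BytesIO()
    with zipfile.ZipFile(inner, "w") as pkg:
        pkg.writestr("[Content_Types].xml", "<Types/>")
        pkg.writestr("word/document.xml", "<document/>")
        if with_macro:
            pkg.writestr("word/vbaProject.bin", b"constructed placeholder")
    outer = io.BytesIO()
    with zipfile.ZipFile(outer, "w") as z:
        z.writestr("sample.docm", inner.getvalue())
        z.writestr("readme.txt", "plain text member")
    return outer.getvalue()


if __name__ == "__main__":
    print(scan_attachment(build_sample(True)))
    print(scan_attachment(build_sample(False)))
```

A hit means only that the document contains macros, not that they are malicious; it is a signal for quarantine or further analysis at the mail gateway.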

Raccoon targets an extensive range of applications and needs specific libraries for each application to extract and decrypt the credentials. The malware searches the victim's machine and extracts recent data matching keywords specified in the mask field, such as international bank account, account, CVV, CVC, credentials, passwords, and even cryptocurrency wallets, such as Ethereum and Bitcoin. It also pulls out recent files with the extensions .pdf, .txt, .rtf and .doc.

The malware has been found to be targeting browser applications such as Google Chrome, Chromium, 360 Browser, UC Browser amongst many others.

Debasish Mukherjee, VP, Regional Sales - APAC at SonicWall, says, "With increasing distress in society as a consequence of the Covid-19 pandemic, cyber attackers are creating similar sounding malware to infect devices. Cybercriminals known for their disruptive attacks are becoming innovative and are looking at novel methods to invade IT infrastructures. As cyber attackers create chaos, it becomes imperative for a cybersecurity provider like us to keep pace with innovation and offer boundless cybersecurity."

Telecom Today
www.telecomtoday.in