Cybersecurity analyst Oliver Hough recently discovered that hackers have created a fake DirectX 12 download site to distribute malware that steals your cryptocurrency wallets and passwords.

Although the website appears fully equipped with a security certificate, privacy policy, disclaimer, DMCA policy, and more, it will instead push data-stealing malware that will scan your PC for sensitive information.

Once users click the Download buttons, they are redirected to an external page where they are asked to download a file. Depending on whether they choose the 32-bit or 64-bit version, they will be offered a file called ‘6080b4_DirectX-12-Down.zip’ or ‘6083040a_Disclaimer.zip’. Both files lead to malware that tries to steal victims’ files, email credentials, and cryptocurrency wallets.

According to BleepingComputer, the malware developers also attempt to steal a wide variety of cryptocurrency wallets for Windows software, including Ledger Live, Waves.Exchange, Coinomi, Electrum, Electron Cash, BTCP Electrum, Jaxx, Exodus, MultiBit HD, Atomic, and Monero.

All data is gathered into a %Temp% folder, which the malware will zip up and send back to the threat actor who will analyze it and use it for other malicious activities.

It seems that threat actors have made a habit of using these fake websites to steal financial information and passwords. Just last week, ESET discovered that Ficker malware now spreads through websites impersonating Microsoft Store and Spotify. The malware steals information and user credentials that are saved in web browsers, messaging apps, and FTP clients.