• This newly-discovered malware targets Windows to steal sensitive

    From TechnologyDaily@1337:1/100 to All on Thu Jun 29 15:15:04 2023
    This newly-discovered malware targets Windows to steal sensitive data

    Date:
    Thu, 29 Jun 2023 14:03:12 +0000

    Description:
    New infostealer is targeting Russian speakers, but the threat actor has already tweaked the Windows malware once before.

    FULL STORY ======================================================================

    Fortinet has unveiled preliminary details of ThirdEye, a new info-stealing malware awarded a medium severity level, meaning the risk posed to victims is potentially considerable.

    The company's FortiGuard Labs discovered the stealer when it came across suspicious-looking files in a cursory review.

    The good news is that the analysts believe it not to be sophisticated in nature, but even so, Fortinet suggests that the information stolen from victim machines could go on to be used for future attacks.

    ThirdEye infostealer witnessed in the wild

    Suspicions were raised when the team found a Russian file name in a file archive. The name, .zip, translates to timesheet. Inside the zipped folder are two files that pose as documents, but are actually executables.
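
A defender-side check for the delivery described above (an archive whose members pose as documents but are executables), as an added example that is not from the article or from Fortinet: it reads each member's header in memory and flags anything carrying a PE signature. The extension lists and the sample member names are assumptions constructed for illustration.

```python
import io
import zipfile

# Assumed extension lists for illustration; tune for your environment.
DOC_EXTS = {".pdf", ".doc", ".docx", ".xls", ".xlsx", ".rtf", ".txt"}
EXEC_EXTS = {".exe", ".scr", ".com", ".pif"}

def is_pe(data: bytes) -> bool:
    """True if data starts with MZ and e_lfanew (offset 0x3C) points at the PE signature."""
    if len(data) < 0x40 or data[:2] != b"MZ":
        return False
    pe_off = int.from_bytes(data[0x3C:0x40], "little")
    return data[pe_off:pe_off + 4] == b"PE\x00\x00"

def suspicious_entries(zip_bytes: bytes) -> dict:
    """Map each archive member that is really a PE file to the reason it stands out."""
    findings = {}
    with zipfile.ZipFile(io.BytesIO(zip_bytes)) as zf:
        for info in zf.infolist():
            if info.is_dir():
                continue
            with zf.open(info) as fh:
                head = fh.read(4096)  # headers only; the member is never extracted or run
            if not is_pe(head):
                continue
            base = info.filename.rsplit("/", 1)[-1].lower()
            exts = ["." + p for p in base.split(".")[1:]]
            if not exts or exts[-1] not in EXEC_EXTS:
                findings[info.filename] = "PE content under a non-executable name"
            elif any(e in DOC_EXTS for e in exts[:-1]):
                findings[info.filename] = "document extension followed by executable extension"
            else:
                findings[info.filename] = "executable inside archive"
    return findings

def build_sample() -> bytes:
    """Constructed test archive: harmless stubs carrying only the PE magic bytes."""
    stub = b"MZ" + b"\x00" * 0x3A + (0x40).to_bytes(4, "little") + b"PE\x00\x00"
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        zf.writestr("timesheet.pdf.exe", stub)   # constructed name
        zf.writestr("report.docx", stub)         # constructed name
        zf.writestr("notes.txt", b"plain text")  # benign control
    return buf.getvalue()

if __name__ == "__main__":
    for name, reason in suspicious_entries(build_sample()).items():
        print(f"{name}: {reason}")
```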

    The .exe files are designed to target Windows machines, which have long been the subject of attacks. However, recent months have seen many attackers shift their attention to Android devices, with multiple reports of malicious apps being hosted in the Play Store.

    When successfully deployed, the malware steals information like BIOS and hardware data and sends it back to its C2 server.

    While early versions of the malware, dating back to April, collected little more than client_hash, OS_type, host_name, and user_name, modifications a few weeks later added new parameters targeting CPU and RAM information, network interface data, and BIOS information.

    Fortinet believes that the malware serves the purpose of understanding and narrowing down potential targets, and that it might be looking to target Russian victims given the language used and the fact that it was found on a public scanning service from the country.

    Currently, the analysts aren't overly concerned with the malware's sophistication, but evidence of developments suggests that future versions could be even more intrusive.



    ======================================================================
    Link to news story: https://www.techradar.com/pro/this-newly-discovered-malware-targets-windows-to-steal-sensitive-data


    --- Mystic BBS v1.12 A47 (Linux/64)
    * Origin: tqwNet Technology News (1337:1/100)