Hackers Steal Over 40k Logins for Gov Services in 30 Countries
#1
Quote: Victims fell for phishing trick

According to Group-IB, the hackers were able to grab the username/password pairs via malicious emails that distributed well-known spyware tools like Pony Formgrabber, AZORult, and Qbot (Qakbot).
The phishing operation targeted both personal and corporate email accounts and disguised the malware as a legitimate file or archive. When the victim opened the attachment, the malware would deploy and start looking for sensitive information on the system.
Pony targets over 70 software programs, searching for credentials in configuration files, databases, and secret storages. Once it collects the data, it sends it to the attacker's command and control (C2) server.
AZORult pilfers passwords from web browsers and also forages for data related to cryptocurrency. This particular trojan comes with a diverse set of capabilities that includes downloader functionality to deliver other threats, such as the Aurora ransomware.


https://www.bleepingcomputer.com/news/se...countries/