The discovery of the Zaraza bot and GuLoader coincides with the increased use of techniques such as malvertising and search engine poisoning to spread malware. In this campaign, attackers used tax-themed lures to deliver information stealers and remote access trojans (RATs) to recipients. Researchers revealed a GuLoader (CloudEyE) phishing email campaign targeting the financial sector around the same time the Zaraza bot was found.

GuLoader Campaign and the Recent Increase in Malware Distribution Activities

The attackers’ distribution method is unknown, but they typically employ various methods, including malvertising and social engineering.

After infiltrating the system, the malware collects login information from high-value targets such as online banking, cryptocurrency wallets, email accounts, and other important websites.

Attackers can use this stolen data to carry out malicious activities like financial fraud, identity theft, and gaining unauthorized access to personal and business accounts. Additionally, it can capture screenshots of the active window.

Cybercriminals offer the Zaraza bot as a subscription-based commercial tool. It targets up to 38 web browsers, including Google Chrome, Microsoft Edge, Opera, AVG Browser, Brave, Vivaldi, and Yandex. Researchers found that the Zaraza bot is a 64-bit binary file created using C#. This malware targets a wide range of web browsers explicitly and is being distributed on a popular Russian Telegram channel for hackers. The Zaraza bot is a new type of malware that steals login information and uses Telegram as its command and control.
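The behaviour described above (one process reading the credential stores of several browsers and talking to Telegram) can be hunted for by correlating endpoint telemetry. The following is an added example, not code from the article or the researchers; the event layout, host names, process names and browser allow-list are constructed assumptions, while `api.telegram.org` and the Chromium store file names are the real ones.

```python
import ntpath
from collections import defaultdict

# Real Chromium-family credential/cookie store file names.
CRED_FILES = {"login data", "web data", "cookies"}
# Assumed allow-list: browsers legitimately read their own profile.
BROWSER_IMAGES = {"chrome.exe", "msedge.exe", "opera.exe", "brave.exe", "vivaldi.exe"}
# Telegram Bot API endpoint.
TELEGRAM_HOSTS = {"api.telegram.org"}

LOCAL = r"C:\Users\a\AppData\Local"
# Constructed telemetry: (host, pid, image, event type, target). Layout is hypothetical.
SAMPLE_EVENTS = [
    ("ws1", 4120, LOCAL + r"\Temp\upd.exe", "file_read", LOCAL + r"\Google\Chrome\User Data\Default\Login Data"),
    ("ws1", 4120, LOCAL + r"\Temp\upd.exe", "file_read", LOCAL + r"\Microsoft\Edge\User Data\Default\Login Data"),
    ("ws1", 4120, LOCAL + r"\Temp\upd.exe", "net_connect", "api.telegram.org"),
    ("ws1", 900, r"C:\Program Files\Google\Chrome\Application\chrome.exe", "file_read", LOCAL + r"\Google\Chrome\User Data\Default\Login Data"),
    ("ws2", 77, r"C:\Tools\notifier.exe", "net_connect", "api.telegram.org"),
    ("ws2", 310, r"C:\Tools\backup.exe", "file_read", LOCAL + r"\Google\Chrome\User Data\Default\Cookies"),
]

def find_suspects(events, min_profiles=2):
    """Return (host, pid, image) for non-browser processes that read credential
    stores in at least min_profiles profile directories and contacted Telegram."""
    profiles = defaultdict(set)   # process -> profile directories it read from
    telegram = set()              # processes that connected to Telegram
    for host, pid, image, etype, target in events:
        key = (host, pid, ntpath.basename(image).lower())
        if etype == "file_read":
            directory, name = ntpath.split(target.lower())
            if name in CRED_FILES and key[2] not in BROWSER_IMAGES:
                profiles[key].add(directory)
        elif etype == "net_connect" and target.lower() in TELEGRAM_HOSTS:
            telegram.add(key)
    return sorted(k for k, dirs in profiles.items()
                  if len(dirs) >= min_profiles and k in telegram)

if __name__ == "__main__":
    for hit in find_suspects(SAMPLE_EVENTS):
        print("suspect:", hit)
```

Requiring both signals keeps a legitimate Telegram bot integration or a single-profile backup tool from alerting on its own.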