EvilExtractor: The All-In-One Stealer Malware Available on The Dark Web

Apr 24, 2023 | News


New “all-in-one” stealer malware named EvilExtractor

Fortinet FortiGuard Labs researchers have discovered a new "all-in-one" stealer malware named EvilExtractor that is being sold on cybercrime forums such as Cracked. Its modules all hand their output to an FTP component, and it ships with environment-checking and anti-VM functions. Its primary purpose is to steal browser data and other information from compromised endpoints and upload it to the attacker's FTP server. Although marketed as an educational tool, it has been adopted by threat actors as an information stealer. EvilExtractor is continuously updated and is used as a comprehensive info stealer with multiple malicious features, including a ransomware module.

Stealer for Windows


The cybersecurity firm has observed a surge in EvilExtractor attacks in the wild since March 2023, with the majority of victims located in Europe and the U.S. The malware was also used in a phishing email campaign the company detected on March 30, 2023. The emails lure recipients into launching an executable that masquerades as a PDF document under the pretext of confirming their "account details." Besides gathering files, the malware can also activate the webcam and capture screenshots.
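The lure in that campaign is a Windows executable delivered under a PDF name. The following Python script is an added illustration (not Fortinet's analysis code and not anything from the malware) of how a triage script or mail gateway can catch that disguise: it sniffs the real type from the file's magic bytes and compares it with what the filename claims, and it generalises slightly beyond the article by also flagging double extensions and the Unicode right-to-left override trick. All sample files are constructed inline; the "PE" payload is only an MZ signature plus padding, not a real executable.

```python
"""Flag files whose name claims one type but whose bytes say another."""

# Leading bytes that identify common container/executable formats.
MAGIC = {
    b"MZ": "pe",            # DOS/PE executable header
    b"%PDF-": "pdf",
    b"PK\x03\x04": "zip",   # also the container for OOXML Office files
}

EXECUTABLE_EXTS = {"exe", "scr", "com", "pif", "bat", "cmd", "js", "vbs", "ps1", "hta"}
DOCUMENT_EXTS = {"pdf", "doc", "docx", "xls", "xlsx", "txt"}
RLO = "\u202e"  # RIGHT-TO-LEFT OVERRIDE: makes "report\u202efdp.exe" render as "reportexe.pdf"


def sniff_type(data: bytes) -> str:
    """Return the type implied by the first bytes, or 'unknown'."""
    for magic, kind in MAGIC.items():
        if data.startswith(magic):
            return kind
    return "unknown"


def analyse(name: str, data: bytes) -> dict:
    """Compare declared extension(s) with sniffed content and collect reasons to flag."""
    exts = name.lower().split(".")[1:]          # everything after the base name
    declared = exts[-1] if exts else ""
    actual = sniff_type(data)
    reasons = []
    if declared in DOCUMENT_EXTS and actual == "pe":
        reasons.append(f"content is a PE executable but name claims .{declared}")
    if len(exts) >= 2 and exts[-2] in DOCUMENT_EXTS and exts[-1] in EXECUTABLE_EXTS:
        reasons.append("double extension: document name ending in an executable extension")
    if RLO in name:
        reasons.append("right-to-left override character in filename")
    return {"name": name, "declared": declared, "actual": actual, "reasons": reasons}


def scan(files: dict) -> list:
    """Return the names of all files that have at least one reason to be flagged."""
    return [r["name"] for r in (analyse(n, d) for n, d in files.items()) if r["reasons"]]


# Constructed samples (hypothetical filenames); FAKE_PE is not a runnable binary.
FAKE_PE = b"MZ\x90\x00" + b"\x00" * 60
SAMPLES = {
    "Account_Details.pdf": FAKE_PE,        # the disguise described in the article
    "Account_Details.pdf.exe": FAKE_PE,    # double extension variant
    "Account_Details.exe": FAKE_PE,        # honest executable: not a disguise, not flagged
    "invoice.pdf": b"%PDF-1.7\n%\xe2\xe3\xcf\xd3\n",
    "notes.txt": b"plain text, nothing to see",
}

if __name__ == "__main__":
    for fname, blob in SAMPLES.items():
        result = analyse(fname, blob)
        status = "SUSPICIOUS" if result["reasons"] else "ok"
        print(f"{status:10} {fname}  (.{result['declared'] or '-'} vs {result['actual']})")
        for reason in result["reasons"]:
            print(f"           - {reason}")
```

Note that an honest `.exe` is deliberately not flagged: the check targets the mismatch between claimed and actual type, which is what makes the lure work on a user who expects a document. A production version would validate the full PE header (the `e_lfanew` pointer to `PE\0\0`) rather than just the `MZ` signature.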


Malvertising and SEO Poisoning Campaign Delivers Bumblebee Malware to Unsuspecting Users

Secureworks Counter Threat Unit (CTU) has also detailed a malvertising and SEO poisoning campaign used to deliver the Bumblebee malware loader via trojanized installers of legitimate software.

Bumblebee is a modular loader that is primarily propagated through phishing and is suspected to have been developed by actors associated with the Conti ransomware operation.

The use of SEO poisoning and malicious ads to redirect users searching for popular tools has witnessed a spike in recent months after Microsoft began blocking macros by default from Office files downloaded from the internet.


Mitigation

To mitigate these and similar threats, organizations should ensure that software installers and updates are downloaded only from known and trusted websites, never from search ads or links in unsolicited email. Standard users should not have the privileges needed to install software or run scripts on their computers, so that a launched lure cannot install the stealer.


Source: thehackernews.com
