Alert for a virus that steals card data




According to the specialized website Infotechnology, the new virus, discovered by researchers at the computer security company Proofpoint, is called Vega Stealer and is a variant of August Stealer. It was detected in early May through an email campaign in which the hackers used as a pretext a job offer for an e-commerce site or the return of a product purchased online.

On May 8, Proofpoint received and blocked a low-volume email campaign with subjects similar to "Online store developer required". While some messages were sent to individuals, others went to distribution lists such as "info@", "clientservice@" and the like, to reach more victims in two areas: marketing and public relations on the one hand, and retail and industry on the other.

The email had an attachment called "brief.doc" that contained a series of commands that downloaded the executable file with the virus. This executable was installed in the "Music" directory under the name "ljoyoxu.pkzip".
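The dropped file described above is an executable stored under a non-executable extension in a media folder, which is something a defender can sweep for. The following is an added example, not code from Proofpoint or the article: it flags files that parse as Windows PE executables but carry an unexpected extension. The function names, the extension allow-list and the sample file contents are assumptions constructed for illustration.

```python
import os
import struct
import tempfile

# Extensions under which a PE file is expected (assumed allow-list); anything else is a mismatch.
EXPECTED_PE_EXTS = {".exe", ".dll", ".sys", ".scr", ".ocx", ".cpl"}

def is_pe(path):
    """Return True if the file has an MZ header whose e_lfanew points at 'PE\\0\\0'."""
    try:
        with open(path, "rb") as f:
            header = f.read(64)
            if len(header) < 64 or header[:2] != b"MZ":
                return False
            (e_lfanew,) = struct.unpack_from("<I", header, 0x3C)
            f.seek(e_lfanew)
            return f.read(4) == b"PE\0\0"
    except OSError:
        return False  # unreadable or locked file: skip it rather than abort the sweep

def find_disguised_pe(root):
    """Walk root and return sorted paths of PE files with a non-executable extension."""
    hits = []
    for dirpath, _dirs, files in os.walk(root):
        for name in files:
            path = os.path.join(dirpath, name)
            ext = os.path.splitext(name)[1].lower()
            if ext not in EXPECTED_PE_EXTS and is_pe(path):
                hits.append(path)
    return sorted(hits)

def build_sample_tree(root):
    """Constructed sample data: a minimal fake PE header and two benign files."""
    fake_pe = b"MZ" + b"\0" * 58 + struct.pack("<I", 64) + b"PE\0\0" + b"\0" * 20
    samples = {
        "ljoyoxu.pkzip": fake_pe,          # name from the article, contents constructed
        "song.mp3": b"ID3" + b"\0" * 100,  # ordinary media file
        "notes.txt": b"MZ is only two bytes here",  # starts with MZ but is not a PE
    }
    for name, data in samples.items():
        with open(os.path.join(root, name), "wb") as f:
            f.write(data)

if __name__ == "__main__":
    with tempfile.TemporaryDirectory() as music_dir:  # stands in for the user's Music folder
        build_sample_tree(music_dir)
        for hit in find_disguised_pe(music_dir):
            print("PE file with unexpected extension:", hit)
```

Checking the PE signature rather than only the first two bytes avoids flagging text or data files that happen to begin with "MZ".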

Once executed, it proceeded to collect the aforementioned data. In the case of Google's browser, it takes passwords, credit card information (name, expiration date and card number), cookies and users' full profiles. In Mozilla, meanwhile, it collects files from the folders that store passwords and keys.

These emails came from the same IP address as a campaign sent the previous day, May 7, that carried August Stealer. That campaign targeted the same audience but the subject was different: the messages dealt with returning a product purchased online.

This virus could become a long-term threat, warned the computer scientists who analyzed it. "Although Vega Stealer is not the most complex malware that circulates today, it shows the flexibility of this type of threat," they explained. "As its delivery system is similar to that of other more prevalent and mature viruses, Vega has the potential to become a long-term threat," they warned.

Source: LaGaceta
