Vega Stealer malware can steal financial data from Web Browsers

175

Researchers from Enterprise security firm Proofpoint have found that a new malware called ‘Vega Stealer’ is on the prowl on the web and it has the potential to steal financial data from the web browsers like Firefox and Google Chrome.

A detailed study conducted by the said Sunnyvale based company claims that the said malware is a proceed of the variant ‘August Stealer’ and has the potential to steal data related to cryptocurrency wallets, confidential documents downloaded from the email portals and password credentials.

Proofpoint researchers claim that the malware mainly targets those using Google Chrome and Firefox and is being used for small phishing attacks which could turn in to a major threat in no time.

So, all those using web browsers such as Firefox and Google Chrome are requested to delete all the info related to passwords, profiles, saved credit card details and cookies in order to stay safe from the said malware. Also, they are being requested to customize their browser settings in such a way that all the browsing data and stored information get cleared as soon as they close their respective browsers.

It is said that the malware has the ability to capture screenshots of the infected devices and scans files that end with .doc,.docx,.txt,.rtf,.xls,.xlsx,or.pdf for exfiltration.

Also, the research made by Proofpoint has discovered that the malware is being targeted at firms serving advertising, marketing, retail, manufacturing, and broadcast related business verticals.
It was found by the researchers that the phishing campaign meant to spread the malware is also dull one when sophistication stats are taken into account.

That’s because the malware authors/spreaders are seen distributing the malware via email with a subject line “Online Store Developer required”  and are seen targeting top-end officials of organizations and some high profile tech professionals.

Note- Proofpoint offers email protecting software that blocks spam, phishing, and viruses from reaching the inbox. As all the scanning takes place in milliseconds, delay in email delivery or slow opening of URLs in a web browser is never observed.

SHARE
Naveen Goud is a writer at Cyber Security Insiders covering topics such as Mergers & Acquisitions, Startups, Cyber Attacks, Cloud Security and Mobile Security