Bitdefender cybersecurity researchers have warned of a mass phishing campaign targeting Windows that aims to infect computers with malware that can steal usernames, passwords, credit card information, and the contents of cryptocurrency wallets.
As the researchers explained, the RedLine malware is offered under a “malware as a service” scheme, which gives even petty cybercriminals the ability to steal many kinds of sensitive personal data for only $150.
The malware first appeared in 2020, but RedLine recently gained additional features.
During April, mass spam campaigns spreading this malware were observed. The emails contain an attachment that, if opened, starts the malware installation process. The victims are mostly Windows users in North America and Europe.
The known vulnerability CVE-2021-26411 in Internet Explorer is used to infect computers. The vulnerability was discovered and patched last year, so the malware can only infect the computers of those users who have not yet downloaded the patch.
After infecting the computer, RedLine performs an initial reconnaissance of the target system, looking for information such as usernames and passwords, which web browsers are installed, and whether antivirus software is running.
The malware searches for information that it can steal and then retrieves passwords, cookies and credit card information stored in web browsers, as well as crypto wallets, chats, VPN login information and other information.
RedLine can be found on hacker sites, where cybercriminals are offered several levels of service. Potential thieves can “rent” the malware for $100 or pay $800 for a “lifetime” subscription.
The malware is relatively simple but powerful, capable of stealing a huge amount of sensitive information even when its customers are inexperienced. However, it is possible to protect yourself from RedLine by applying security patches, especially for Internet Explorer.
It is also recommended that users update the operating system, applications and antivirus software to prevent known vulnerabilities from being exploited to infect devices with this and other malware.
Source: Informacija.rs by www.informacija.rs.