Microsoft just launched a cybersecurity alert by highlighting new malware that is able to recover your passwords. The purpose of this spy program? Record the typed and arranged buttons to find the IDs and passwords without your knowledge.
According to Redmond, which just posted a warning message on social networks, this malware relies on a phishing system by inviting you to click on an attached pdf document. The latter, called STRRAT, of course contains a script that runs in the background, much like ransomware that collects your data.
The latest version of the Java-based STRRAT (1.5) malware was seen distributing in a massive email campaign last week. This RAT is notorious for its ransomware-like behavior of appending the .crimson filename extension to files without actually encrypting them. pic.twitter.com/mGow2sJupN
Microsoft Security Intelligence (MsftSecIntel) May 19, 2021
However, this behavior is nothing but a decoy, as victims imagine that this ransomware could be eliminated by an antivirus program or blocked by a firewall. However, the program circumvents a flaw and actually turns out to be a Trojan horse, which can be managed remotely by a cyber criminal.
Poor couriers
Microsoft currently shows that this malware mail and distribution campaign is spreading, but in the form of emails that are sent first in the English language. However, this type of software could easily be used by hackers with French script and spread it to us. Note that this text is provided as a way to access a payment document. If this document opens, the malware will also allow access to the mailboxes of targeted people who clicked on the attachment. It then allows the hackers to continue sending their malware to other potential victims and thus spread.
As with any questionable email of this type, it is best to avoid clicking on a link or attachment. Microsoft is also expected to release a patch for Windows 10, along with other cybersecurity systems. So be sure to keep your protection and antivirus solutions up to date. When it comes to passwords, feel free to go through double-authentication systems, with receiving a code or biometric unlock system that this type of malware was unable to parse.
Lifelong foodaholic. Professional twitter expert. Organizer. Award-winning internet geek. Coffee advocate.