Malware is currently circulating by email and stealing your passwords

2021-05-28T02:23:07.340Z

To spread better, the malware behaves like ransomware but without really encrypting the data. A massive phishing campaign is underway. Spotted by Microsoft teams, it aims to distribute a malware trojan called STRRAT, specifies ZDNet . Based on Java (1.5), this malicious program hides in an image presenting itself as an attachment associated with an email. This Trojan can steal usernames, passwords and other personal data by logging keystrokes, Microsoft warns on Twitter. The latest versi

A massive phishing campaign is underway.

Spotted by Microsoft teams, it aims to distribute a malware trojan called STRRAT, specifies

ZDNet

Based on Java (1.5), this malicious program hides in an image presenting itself as an attachment associated with an email.

This Trojan can steal usernames, passwords and other personal data by logging keystrokes, Microsoft warns on Twitter.

The latest version of the Java-based STRRAT malware (1.5) was seen being distributed in a massive email campaign last week.

This RAT is infamous for its ransomware-like behavior of appending the file name extension .crimson to files without actually encrypting them.

pic.twitter.com/mGow2sJupN

- Microsoft Security Intelligence (@MsftSecIntel) May 19, 2021

It behaves like ransomware

Its mode of operation is particular.

This is because it acts like ransomware.

So, once deployed, it appends the file name extension.

crimson to files on the computer but not actually encrypting them.

This is to distract the victim to make him believe that he is dealing only with ransomware but not a remotely executable trojan.

To spread, the malware can rely on the distribution of emails presenting the victim with a payment.

To find out the sum, you are asked to click on what looks like an attachment, supposedly in PDF format.

Once the victim opens the file, they download the malware and the hacker can gain access to their computer, note our colleagues.

Ongoing

The campaign still appears to be ongoing.

It is possible that the hackers can extend it thanks to the various data collected allowing them to access the e-mails of the victims.

The best way to protect yourself from STRRAT is not to click on the image which acts as an attachment.

Better to be wary of any email whose correspondent is unknown, especially if the subject is financial gain.

Installing an anti-virus scanning email can also protect against attacks.

High-Tech

Disney +: Subscribers targeted in phishing campaign to steal their bank details

High-Tech

Joker virus infects more than 500,000 Huawei smartphones via the Chinese manufacturer's application store

High-Tech
Phishing
Computer virus
E-mail

Malware is currently circulating by email and stealing your passwords

It behaves like ransomware

Ongoing

You may like

Trends 24h

Latest