
Barracuda Exposes Infostealer Malware in Phishing Campaign

Barracuda researchers have revealed a new wave of phishing attacks featuring an advanced, stealthy technique designed to exfiltrate a wide range of sensitive information.

According to Barracuda’s blog post, the attacks employ sophisticated infostealer malware to steal a wide array of information, including PDF files and directories, browser data such as session cookies and saved credit card details, bitcoin-related extensions, and web history. The stolen data is subsequently transmitted to a remote email account as a zipped attachment.

It is unusual to see infostealers designed to collect and exfiltrate such a wide range of information. According to Barracuda researchers, the attack begins with a phishing email encouraging the recipient to open an attached purchase order.

The attachment contains a disc image file. Inside that is another file, which in turn downloads and executes a series of malicious payloads. The final payload is the infostealer, an obfuscated and encrypted Python script, which goes through various levels of decoding and decrypting to get to the final code. The infostealer can collect, ZIP and exfiltrate a wide range of sensitive data to a remote email account.

What Barracuda Experts Say

“Most phishing attacks are associated with data theft, but here we are looking at an attack designed for extensive data exfiltration executed by a sophisticated infostealer,” said Saravanan Mohan, Manager – Threat Analyst at Barracuda. “The amount and range of sensitive information that can be taken is extensive. Some can potentially be leveraged in further malicious activity, such as lateral movement or financial fraud. As cybercriminals continue to develop sophisticated methods to steal critical information, it’s important for businesses to stay vigilant and proactive in their cybersecurity efforts.”

Implementing robust security protocols, continuously monitoring for suspicious activity, and, more importantly, educating employees on potential risks are key strategies in mitigating the risk of data exfiltration. Email protection solutions that feature multi-layered, AI and machine-learning-powered detection prevent these types of attacks from reaching user inboxes.


CSA Editorial
