Malware steals browser, FTP, and email credentialsĪdditionally, it will search the user's Windows registry and data storage units for information to steal.ĬYREN researchers say the malware can collect the databases of browsers, FTP, and email clients. In turn, the EXE file will install a keylogger on the user's computer, and log both keypresses and mouse movements. The file attachments contained in the email, all use the "double extension" trick, perpetrating to be a PDF file, but actually being an EXE file, as (Swift_).Įxecuting the email's payload drops a file named "filename.vbs", a Visual Basic script in the victim's Startup folder and "filename.exe" at: %AppData%\Local\Temp\subfolderĮvery time the user logs into his PC, the Visual Basic script will execute the filename.exe file. Spam email posing as a fake bank transfer (via CYREN)
0 Comments
Leave a Reply. |
Details
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |