Application security, Critical Infrastructure Security, Security Strategy, Plan, Budget

PadaLabs: Trojan targets corporate data

Cybercriminals are spreading LdPinch.ZO, a trojan that specifically targets corporate data.

The malware reaches networks via email attachment or concealed internet download. Once activated, the trojan installs malicious code designed to steal passwords, login details and other private data, according to researchers at PandaLabs.

The malware allows attackers to control an infected machine from a remote location. The trojan also simulates clicking OK on firewall warnings when software alerts the user to a suspicious internet connection. LdPinch.ZO then mimics the user to access the web and steal information, according to reports, researchers said.

"Corporate espionage is just one of the multiple uses that this type of trojan can have," warned Luis Corrons, technical director at PandaLabs. "Companies keep confidential information in their computers or email accounts. Thanks to this malicious code, a cybercriminal could get this data and sell it or use it for their own benefit."

Related

GitHub search exploited for malware distribution

Malware-laced GitHub repositories using popular names and topics are being advanced by threat actors through automated updates and fraudulent stars meant to manipulate the leading software developer platform's search rankings as part of a new open-source supply chain attack, The Hacker News reports.

Related Events

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms and Conditions and Privacy Policy.