Numerous web browsers and cryptocurrency wallets on Windows systems are being targeted by the new Bandit Stealer information-stealing malware, which could also evade Windows Defender and be used to facilitate data breaches, account takeovers, identity theft, and credential stuffing attacks, reports The Record, a news site by cybersecurity firm Recorded Future.
Trend Micro researchers discovered that the Go-based Bandit Stealer malware, which resembles other info-stealers, including Luna Grabber, Kyoku Cookie token stealer, Pegasus Stealer, and Creal Stealer, not only has the capability to exfiltrate data, including usernames, hard drive details, current IPs, country codes, and detailed computer information, but can also impact victims' Telegram accounts to enable further compromise.
Malicious websites and phishing emails with seemingly innocuous files have been leveraged to deliver the persistent Bandit Stealer malware, according to researchers. Attackers have also been using a fake installer for the Heartsender program to deliver the Bandit Stealer malware.
North Korea's Lazarus Group has leveraged the backdoored PDF reader app SwiftLoader used in the RustBucket campaign to facilitate the deployment of the KANDYKORN macOS malware in a bid to better evade detection, according to The Hacker News.
More advanced attack techniques are being exhibited by the WildCard advanced persistent threat operation, which has targeted Israel for the past eight years, amid the ongoing war between Israel and Palestinian militant group Hamas, CyberScoop reports.