Ethical Hacking News Hubb
Advertisement Banner
  • Home
  • News
  • Ethical Hackers
  • Contact
No Result
View All Result
  • Home
  • News
  • Ethical Hackers
  • Contact
No Result
View All Result
Wellnessnewshubb
No Result
View All Result
Home Ethical Hackers

Researchers Warn of Cyber Criminals Using Go-based Aurora Stealer Malware

admin by admin
November 22, 2022
in Ethical Hackers


A nascent Go-based malware known as Aurora Stealer is being increasingly deployed as part of campaigns designed to steal sensitive information from compromised hosts.

“These infection chains leveraged phishing pages impersonating download pages of legitimate software, including cryptocurrency wallets or remote access tools, and the 911 method making use of YouTube videos and SEO-poised fake cracked software download websites,” cybersecurity firm SEKOIA said.

First advertised on Russian cybercrime forums in April 2022, Aurora was offered as a commodity malware for other threat actors, describing it as a “multi-purpose botnet with stealing, downloading and remote access capabilities.”

In the intervening months, the malware has been scaled down to a stealer that can harvest files of interest, data from 40 cryptocurrency wallets, and applications like Telegram.

Aurora also comes with a loader that can deploy a next-stage payloading using a PowerShell command.

Aurora Stealer Malware

The cybersecurity company said at least different cybercrime groups, called traffers, who are responsible for redirecting user’s traffic to malicious content operated by other actors, have added Aurora to their toolset, either exclusively or alongside RedLine and Raccoon.

“Aurora is another infostealer targeting data from browsers, cryptocurrency wallets, local systems, and acting as a loader,” SEKOIA said. “Sold at a high price on market places, collected data is of particular interest to cybercriminals, allowing them to carry out follow-up lucrative campaigns, including Big Game Hunting operations.”

The development also comes as researchers from Palo Alto Networks Unit 42 detailed an enhanced version of another stealer called Typhon Stealer.

The new variant, dubbed Typhon Reborn, is designed to steal from cryptocurrency wallets, web browsers, and other system data, while removing previously existing features like keylogging and cryptocurrency mining in a likely attempt to minimize detection.

“Typhon Stealer provided threat actors with an easy to use, configurable builder for hire,” Unit 42 researchers Riley Porter and Uday Pratap Singh said.

“Typhon Reborn’s new anti-analysis techniques are evolving along industry lines, becoming more effective in the evasion tactics while broadening their toolset for stealing victim data.”





Source link

Tags: computer securitycyber attackscyber newscyber security newscyber security news todaycyber security updatescyber updatesdata breachhacker newshacking newshow to hackinformation securitynetwork securityransomware malwaresoftware vulnerabilitythe hacker news
Previous Post

Tool For Producing Threat Hunting And Intelligence Data From Public Sandbox Detonation Output

Next Post

Beste Black Friday VPN-aanbiedingen 2022: 15 VPN-coupons!

Next Post

Beste Black Friday VPN-aanbiedingen 2022: 15 VPN-coupons!

Recommended

Hackers Using Trojanized macOS Apps to Deploy Evasive Cryptocurrency Mining Malware

1 month ago

VPN vs. DNS Security

5 months ago

© Ethical Hacking News Hubb All rights reserved.

Use of these names, logos, and brands does not imply endorsement unless specified. By using this site, you agree to the Privacy Policy and Terms & Conditions.

Navigate Site

  • Home
  • News
  • Ethical Hackers
  • Contact

Newsletter Sign Up.

No Result
View All Result
  • Home
  • News
  • Ethical Hackers
  • Contact

© 2022 Ethical Hacking News Hubb All rights reserved.