Monday, December 2, 2019

Trojan Malware now spreading Ransomware and stealing passwords

Cybersecurity researchers from BlackBerry Cylance have discovered that a newly devised Trojan is now spreading ransomware and stealing passwords, spelling deep trouble to hackers.

 

The Python-based Trojan, which for now is seen targeting the Windows operating system, is capable of conducting espionage and stealing sensitive data.

 

Dubbed PyXie RAT, the malware can steal credentials, send harvested data to remote servers, record video, and steal cookies and keystroke data, which could also lead to man-in-the-middle attacks in due course.

 

Because the malware uses the ‘.pyx’ file extension, this file-encrypting malware was given the name PyXie, which is closely associated with the Python language.

 

“It is a sophisticated malware which can be customized as ransomware, spyware and also a DDoS attack launching control platform,” says Josh Lemos, VP of Research and Intelligence at BlackBerry Cylance.

 

According to the details disclosed by Cylance, this ransomware is spread in the guise of a legitimate application which, when downloaded, secretly installs the malicious payload using PowerShell, thus gaining persistent control over the victim machine.

 

Research says that this kind of ransomware infection can be avoided by taking certain precautions and maintaining cyber hygiene.

 

Note 1: News is out that the PyXie malware can steal Facebook and Amazon session cookies as well as sensitive data from Facebook Ads Manager.

 

Note 2: Ransomware is file-encrypting malware that has existed in the cyber world since 2008. Its purpose is to keep files encrypted until a ransom is paid to the hackers. Now, however, its developers are evolving it into malware that can also steal credentials and be used in espionage activities.

The post Trojan Malware now spreading Ransomware and stealing passwords appeared first on Cybersecurity Insiders.


December 03, 2019 at 11:04AM
