Password Stealing Malware the latest tool for Cybercriminals

Remember last year, Verizon released data breach investigation report that showed 80 percent of the hacking was related to stolen password. The cybercriminals used the victim’s password to gain access to their system and stole their information. This pathetic finding was the debate among organization that year. It is the need of the organizations to have a system in place that detects and prevent password theft.

A year later it seems nothing much has changed. Cybercriminals are on the rise to steal user credentials. They have various methods to steal passwords like; phishing attacks, keyloggers, and spyware. Nearly every technique to steal password involves some kind of malware. Malicious emails are used with fake URLs to steal to trick users into getting information and all this has some sort of malware behind it. Spyware and keylogger have been there for some time, yet people fall for it is something to be concerned about.

A new kind of malware is in practice that distributes ransomware, Trojans, and malicious cryptocurrency mining software. This is something rarely seen in the activities of cybercriminals. The phishing campaigns have been sporadically active and have only evolved to trick users. Fake patches have emerged and made it more vulnerable.

Microsoft Word attachment is the carrier for the latest malware campaign; it tricks the user to allow macros, and Smoke Loader to be installed on the compromised system. This is followed by Trojan to deliver the extra malicious software.

As reported in ZDNet that researchers are tracking Smoke Loader and it was found that the current payload doing the trick is TrickBot- a Trojan that steals banking credentials and other sensitive information. The malware is designed in such a way that it looks like an invoice request from a legitimate company.

This blog and many such write-ups only clear the theory that stolen password is the key to many data breaches. We have seen how the password is stolen by malware, so it becomes critical that organizations and individuals improve their procedures and tools and protect themselves and their data. Also, it becomes important to have a system in place that detects any network compromises or malicious activities by cyber criminals, using other credentials stolen elsewhere.