FortiGuard Labs’ recent research revealed an ongoing phishing campaign that specifically targets Microsoft operating system users in Europe and the US. The attackers’ weapon of choice is EvilExtractor, a modular malware tool that is typically distributed via a seemingly legitimate Adobe PDF or Dropbox link. Once opened or clicked, the link deploys a malicious PowerShell script that eventually leads to the installation of the EvilExtractor malware.
The primary purpose of this malware appears to be the theft of browser data and other sensitive information from compromised endpoints, which is then uploaded to the attacker’s FTP server. While the tool was originally developed by Kodex as an “educational tool,” it is currently being actively used by cybercriminals as an info-stealer.
Author: Dark Reading Staff, Dark Reading