Google Chrome has been infected with a new type of malware known as Emotet, which steals users’ confidential credit card information.
Proofpoint security researchers have found that the botnet is now using a credit card stealer module to siphon victims’ credit card details.
On June 6th, a security firm observed the E4 botnet dropping a new Emotet module.
The botnet is trying to infect potential victims with a credit card stealer module to get credit card information stored in Google Chrome user profiles.
The botnet has seen a massive increase in activity since the start of this year, growing more than 100-fold since last year.
After stealing credit card information, the malware will send it to command-and-control (C2) servers other than the ones used by the Emotet card stealer module.
Emotet was first developed and deployed as a banking trojan in 2014. It later evolved into a botnet that the TA542 threat group (aka Mummy Spider) uses to deliver second-stage payloads.
However, the malware family will likely continue to evolve and adapt to industry changes and its own shifting goals and priorities.
- Make sure that all applications, databases, servers, and network devices are periodically configured.
- Users are advised to monitor their bank accounts closely and review transactions for any signs of unauthorized payments if they are infected by the Emotet malware.
- Don’t download, accept, or execute files and do not visit websites or follow links provided by unknown sources.
- Regularly back up applications, databases, and critical operating system data.
- Keep AV signatures, operating systems, and third-party applications up to date on all systems.
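
An added example, not part of the original article: a defender-side audit that counts saved-card records per Chrome profile, so you can see which users hold the data this module targets. It assumes Chrome's on-disk layout (a `Web Data` SQLite file per profile containing a `credit_cards` table); the function names are hypothetical and the sample profiles are constructed.

```python
import sqlite3
import tempfile
from pathlib import Path


def count_saved_cards(web_data: Path) -> int:
    """Count rows in the credit_cards table without selecting any card fields."""
    # immutable=1 opens read-only with no locking, so a running Chrome does not block the read.
    uri = web_data.resolve().as_uri() + "?mode=ro&immutable=1"
    con = sqlite3.connect(uri, uri=True)
    try:
        return con.execute("SELECT COUNT(*) FROM credit_cards").fetchone()[0]
    except sqlite3.OperationalError:
        return 0  # e.g. no credit_cards table in this profile's file
    finally:
        con.close()


def audit_user_data_dir(user_data_dir: Path) -> dict[str, int]:
    """Map profile name -> saved-card count for every profile that has a Web Data file."""
    results = {}
    for web_data in sorted(user_data_dir.glob("*/Web Data")):
        results[web_data.parent.name] = count_saved_cards(web_data)
    return results


def build_sample_user_data_dir(root: Path) -> Path:
    """Constructed sample: two fake profiles with a minimal credit_cards table."""
    for profile, rows in (("Default", 2), ("Profile 1", 0)):
        (root / profile).mkdir(parents=True)
        con = sqlite3.connect(root / profile / "Web Data")
        con.execute("CREATE TABLE credit_cards (guid TEXT, card_number_encrypted BLOB)")
        con.executemany("INSERT INTO credit_cards VALUES (?, ?)",
                        [(f"sample-{i}", b"") for i in range(rows)])
        con.commit()
        con.close()
    return root


if __name__ == "__main__":
    with tempfile.TemporaryDirectory() as tmp:
        sample = build_sample_user_data_dir(Path(tmp))
        for profile, n in audit_user_data_dir(sample).items():
            print(f"{profile}: {n} saved card(s)" + ("  <- exposed" if n else ""))
```

Profiles that report a non-zero count are the ones where card data should be removed from the browser and the cards watched for unauthorized payments.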