Google Chrome has been infected with a new type of malware known as Emotet, which steal users’ confidential credit card information.
Proofpoint security researchers have found that the botnet is now using a credit card stealer module to siphon victims’ credit card details.
Emotet Malware
On June 6th, a security firm observed the E4 botnet dropping a new Emotet module.
The botnet is trying to infect potential victims with a credit card stealer module to get credit card information stored in Google Chrome user profiles.
This has seen a massive increase in activity since the start of this year, growing more than 100-fold since last year.
After stealing credit card information ,the malware will send it to command-and-control (C2) servers other than the ones used by the Emotet card stealer module.
The botnet was first developed and deployed as a banking trojan in 2014. Finally, later evolved into a botnet as the TA542 threat group (aka Mummy Spider) .
TA542 is used to deliver second-stage payloads.
However the malware family will likely continue to evolve and adapt to industry changes and its own shifting goals and priorities.
Follow us for more, Facebook, Twitter, LinkedIn and Instagram
Mitigations
- Make sure that all applications, databases, servers, and network devices are periodically configured.
- Users are advised to monitor their bank accounts closely and review the transactions for any signs of unauthorized payments if they infected by the Emotet malware.
- Don’t download, accept, or execute files and do not visit websites or follow links provided by unknown sources.
- Regular Backup of the applications, databases, and critical operating system data.
- Keep AV signatures, operating systems, and third-party applications up to date on all systems.
Leave A Comment