Call Us at 866-526-9750

PC Works Plus

Blog

Check out David Wertz's weekly article and information he has shared on LinkedIn
https://www.linkedin.com/in/davidwertz/

Unique Infostealer uses phony Pennsylvania Department of Welfare

Categories: Security

Unique Infostealer uses phony Pennsylvania Department of Welfare

October 13, 2017

A recent phishing attack uses a fake Pennsylvania Department of Welfare document to install malware on victims systems.

The decoy appears to be a “public service” message from the Pennsylvania Department of Public Welfare that includes spam mitigation instructions.

The malware loads up a document that masquerades as a public service announcement published by Pennsylvania Department of Public Welfare. Ironically, this document lists “Spam E-mail Instructions” as its focal procedure.

Of course, this fake PSA is designed to convince users that all is well. In the meantime, the infostealer covertly activates its malicious functionality.

Once the malware is executed, it performs various password stealing activities, such as checking for antivirus and looking into the directories and files from which it will steal information. The most interesting function of this malware is that it also behaves like a file stealer, as it checks for interesting strings in the system with the enumeration of various files and folders and uploads to the malware’s C&C once it grabs the sensitive information.

The digital threat is capable of stealing passwords from Armory Wallet, Chrome, CuteFTP, Electrum bitcoin wallet, FileZilla, Firefox, Putty, and WinSCP Passwords.

Educate Yourself!

Checkout free reports and newsletters to educate yourself on Network Security, Data Protection and Tips and Tricks.

Let's Go!