Latest news with #infostealers


Forbes
3 days ago
New Attack Steals Your Windows Email, Passwords, 2FA Codes And More
The latest Katz malware version can steal most everything.

Infostealers are the new black. When it comes to hacking fashion, malware that steals user credentials has been in vogue for a while now. We've seen the evidence in the 19 billion compromised passwords that are already available online, or the 94 billion browser cookies published to the Dark Web and Telegram channels. Microsoft has been spearheading the fight against the credential-stealing criminals, leading the recent global takedown of large parts of the Lumma Stealer network infrastructure, for example. Yet, the danger still persists; in fact, it is evolving. New research has revealed that a notorious threat to Windows users has emerged in the form of a new variant that can steal most anything and everything. Here's what you need to know about Katz.

There is nothing particularly unusual about the way that the Katz Stealer malware is distributed. Victims are targeted through the usual cybercriminal methods, including phishing emails, malicious advertisements, dangerous search results, and dodgy downloads. Once installed, however, Katz looks to see if you are using Google Chrome, Microsoft Edge or the Brave web browser and goes into what is known as headless mode. This is pretty much as it sounds, a browser with no visible interface, running 'headless' in the background but with the body able to render pages and interact with the web as normal. Katz can also bypass Google's app-bound encryption protections for Chrome, according to security researchers, which would aid in the credential-stealing payload.

And it's the payload that has us shaking our collective heads in disbelief. A May 23 analysis of the latest Katz Stealer malware, by the Nextron threat research team, has revealed the true extent of this steal-everything threat to Windows users.
According to the full analysis, which I would recommend you go and read, after you finish here, of course, the range of Katz when it comes to data that can be stolen is, well, extensive. As well as the usual mitigation advice for consumers to deploy two-factor authentication and passkeys on all accounts where available, apply all operating system and browser security updates as soon as possible and be alert to all the usual phishing tricks, the Nextron threat research team recommended the following for enterprise users: Nextron also suggested watching out for the scanning of Windows registry keys and files associated with popular browsers and wallet applications, as this is indicative of Katz Stealer activity. As Sergeant Phil Esterhaus used to say, if you know you know, 'be careful out there.'


Forbes
21-05-2025
AI TikTok Videos Promising Free Spotify And Windows Subscriptions Install Malware Instead
TikTok has removed videos amassing millions of views after cybersecurity researchers found they were trying to trick people into downloading infostealers.

In recent months, a bevy of ten-second promotional videos have spread across TikTok amassing millions of views. They purport to offer an easy way to unlock paid-for subscriptions or features for major apps like Microsoft Windows, Office365 and Spotify Premium: a simple prompt typed into the PowerShell command-line tool in Windows. But that command doesn't unlock any premium services. Instead, it downloads and installs malware designed to pilfer all manner of private information from an infected PC — personal documents, cryptocurrency, social media logins.

And the cybersecurity researcher at Trend Micro who discovered the attack told Forbes traditional security tools will likely miss it because the malware isn't being delivered via an email attachment or software exploit. Instead, it's being unwittingly installed by people looking for a freebie subscription. 'There is no malicious code present on the platform for security solutions to analyze or block,' the company explained in a report on the attack. 'All actionable content is delivered visually and aurally.'

Trend Micro researcher Junestherry Dela Cruz told Forbes the company believes the scam is being perpetuated with the help of AI. The videos promoting it all share similar artificial voices, and nearly identical video shots and camera angles. TikTok told Forbes it had removed all accounts the researchers flagged as malicious, but declined further comment.

While it's impossible to determine how many people followed the videos' malware-installing instructions, it's clear they were widely viewed on TikTok. One video, promising to 'boost your Spotify experience instantly,' reached more than half a million views.
And a pair of TikTok accounts with 11 videos between them amassed almost 1 million. In the comments for one video that had generated over 550,000 views, offering pro features in Windows, one viewer asked, 'Is this safe?' Their answer came in other comments, where one said their hard drive had been wiped after running the code, while another added, 'All my accounts were hacked because of these videos.'