Heads up! There’s another new malware strand targeting individuals through email. Vega Stealer is currently a targeted attack on the marketing/advertising and retail/manufacturing industries, however it could easily jump to a more wide spread attack.
What is Vega Stealer?
According to Proofpoint, Vega Stealer is malware designed to steal financial data, passwords, and other credentials that have been saved in Chrome and Firefox.
Proofpoint says the malicious software goes after payment information, saved credit card details, sensitive documents and passwords on infected machines.
More detailed information about this new malware can be found here, but the most important thing you should note is what Vega Stealer is targeting and how it is getting activated.
1. Beware of Email
Like most common malware, Vega Stealer is being distributed through an email campaign that is sent to individuals as well as distribution lists. The email contains a malicious attachment called “brief.doc” bearing macros that download the Vega Stealer payload.
You should ALWAYS be cautious of emails that you weren’t expecting. A few months ago, we shared Tips for Spotting a Phishing Email. If you quickly ask yourself “was I expecting this?” with every email that comes into your inbox, you will keep yourself one step ahead of the cyber-criminals. If the answer is yes – then you’re probably safe opening or clicking something in the email. If the answer is no – proceed with caution.
2. Turn off Stored Passwords
It’s a feature that everyone loves – your internet browser saves your login information and credit card info so you don’t have to type it in over and over again! Well, that’s what Vega Stealer is after. Once activated, it can steal this information from your web browser and have access to a lot of confidential information.
We recommend that you turn off this feature in your web browser to provide better protection in the event that you become compromised.
And as always – THINK BEFORE YOU CLICK!