[BECA ALERT] New Malware Making the Rounds

d0ee2be2ebfe653fff2170d4faee8baa

Heads up! There’s another new malware strand targeting individuals through email. Vega Stealer is currently a targeted attack on the marketing/advertising and retail/manufacturing industries, however it could easily jump to a more wide spread attack.

What is Vega Stealer?

According to Proofpoint, Vega Stealer is malware designed to steal financial data, passwords, and other credentials that have been saved in Chrome and Firefox.

Proofpoint says the malicious software goes after payment information, saved credit card details, sensitive documents and passwords on infected machines.

More detailed information about this new malware can be found here, but the most important thing you should note is what Vega Stealer is targeting and how it is getting activated.

1. Beware of Email

Like most common malware, Vega Stealer is being distributed through an email campaign that is sent to individuals as well as distribution lists. The email contains a malicious attachment called “brief.doc” bearing macros that download the Vega Stealer payload.

Vega Stealer

You should ALWAYS be cautious of emails that you weren’t expecting. A few months ago, we shared Tips for Spotting a Phishing Email. If you quickly ask yourself “was I expecting this?” with every email that comes into your inbox, you will keep yourself one step ahead of the cyber-criminals. If the answer is yes – then you’re probably safe opening or clicking something in the email. If the answer is no – proceed with caution.

2. Turn off Stored Passwords

It’s a feature that everyone loves – your internet browser saves your login information and credit card info so you don’t have to type it in over and over again! Well, that’s what Vega Stealer is after. Once activated, it can steal this information from your web browser and have access to a lot of confidential information.

We recommend that you turn off this feature in your web browser to provide better protection in the event that you become compromised.

And as always – THINK BEFORE YOU CLICK!


Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

w

Connecting to %s