New Copperstealer Malware Steals Google, Apple, Facebook Accounts

News broke today that previously undocumented account-stealing malware distributed via fake software crack sites targets the users of major service providers, including Google, Facebook, Amazon, and Apple. The malware, dubbed CopperStealer by Proofpoint researchers, is an actively developed password and cookie stealer with a downloader feature that enables its operators to deliver additional malicious payloads to infected devices.

Subscribe
Notify of
guest
1 Expert Comment
Newest
Oldest Most Voted
Inline Feedbacks
View all comments
Niamh Muldoon
Niamh Muldoon , Senior Director of Trust and Security EMEA
InfoSec Expert
March 22, 2021 12:17 pm

<p>Password Stealing Malware and Phishing Attacks remain a challenge for most modern enterprises. Password Stealing techniques usually target the weakest link in an organisation’s security posture – the human being. Once successfully performed, any future attacks have a high chance of staying undetected as they use official credentials to access personal and business resources. Attackers don\’t need to pay lot of attention when obfuscating their actions as having full access allows them to run a large variety of other attacks, like stealing full identities, attacking internal services, exfiltrating sensitive company data, etc. As these tactics become increasingly sophisticated, companies must employ security measures such as multi-factor authentication in order to protect company data and prevent the loss of classified and sensitive information. Applying controls to technologies, making sure security is included in business processes, and ensure the organisation has a good security culture are all also key. Applying a Defence in Depth (DiD) model to security within your organisation, with security controls in place within technologies, business processes and culture will begin to support reducing risk associated with new malware variants. Don\’t underestimate the value of security awareness programmes for keeping your employee’s conscious of new malware threats.</p>

Last edited 1 year ago by Niamh Muldoon
1
0
Would love your thoughts, please comment.x
()
x