Ukraine Warns Individuals of Malware Attacks



Ukraine Warns Individuals of Malware Attacks Spreading Jester Stealer

 

The Computer Emergency Response Team of Ukraine (CERT-UA) has warned of phishing attacks that spread a malware called Jester Stealer to steal information from compromised systems.

The emails carry the subject line "chemical attack" and contain a link to a large-scale Microsoft Excel file; opening it leads to the computer being infected with Jester Stealer.


The attack requires the targeted users to enable macros after downloading and executing an attached .exe file that is retrieved from a compromised website. Jester Stealer, as described by Cyble in February 2022, comes with features to steal and send login usernames and passwords, cookies, and bank card details, along with information from customer service, email lists, crypto wallets, and gaming applications. It is available for $99 per month or $249 for unlimited access.

"The attackers get the taken information by means of Telegram utilizing statically designed IP addresses, ex: TOR browser," the office said. "They utilize anti-analysis tools (disable VM and anti-sandbox). The malware has no persistent instrument — it is erased when its activity is finished."
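The chain described above (Excel running a downloaded .exe, data leaving over Telegram, and the binary being erased afterwards) can be hunted for by correlating endpoint events per host. The following is an added example, not code from CERT-UA or Cyble; the event schema, the sample events, the user-writable path list and the `api.telegram.org` hostname are assumptions.

```python
from collections import defaultdict

OFFICE_PARENTS = {"excel.exe"}
TELEGRAM_HOSTS = {"api.telegram.org"}   # assumption: Telegram Bot API host
USER_WRITABLE = ("\\appdata\\", "\\temp\\", "\\downloads\\")

# Constructed sample telemetry; the schema and every value are hypothetical.
EVENTS = [
    {"host": "ws-01", "type": "proc", "pid": 4100, "parent": "EXCEL.EXE",
     "image": r"C:\Users\a\AppData\Local\Temp\upd.exe"},
    {"host": "ws-01", "type": "net", "pid": 4100, "dest": "api.telegram.org"},
    {"host": "ws-01", "type": "file_delete",
     "path": r"C:\Users\a\AppData\Local\Temp\upd.exe"},
    {"host": "ws-02", "type": "proc", "pid": 900, "parent": "explorer.exe",
     "image": r"C:\Program Files\Telegram\Telegram.exe"},
    {"host": "ws-02", "type": "net", "pid": 900, "dest": "api.telegram.org"},
    {"host": "ws-03", "type": "proc", "pid": 77, "parent": "excel.exe",
     "image": r"C:\Users\b\Downloads\report.exe"},
]

def correlate(events):
    """Return {host: ordered list of matched stages} for the described chain."""
    suspects = defaultdict(dict)   # host -> {pid: lowercased image path}
    stages = defaultdict(list)
    for ev in events:              # events are assumed to arrive in time order
        host = ev["host"]
        if ev["type"] == "proc":
            image = ev["image"].lower()
            if (ev["parent"].lower() in OFFICE_PARENTS and image.endswith(".exe")
                    and any(p in image for p in USER_WRITABLE)):
                suspects[host][ev["pid"]] = image
                stages[host].append("office_spawned_exe")
        elif ev["type"] == "net":
            # Only count Telegram traffic from a process Excel itself started.
            if ev["pid"] in suspects[host] and ev["dest"].lower() in TELEGRAM_HOSTS:
                stages[host].append("telegram_egress")
        elif ev["type"] == "file_delete":
            # The stealer has no persistence, so the dropped image disappears.
            if ev["path"].lower() in suspects[host].values():
                stages[host].append("image_deleted")
    return dict(stages)

def triage(events):
    """'high' when the dropped binary also reaches Telegram or is removed."""
    return {h: ("high" if len(set(s)) >= 2 else "review")
            for h, s in correlate(events).items()}

if __name__ == "__main__":
    print(triage(EVENTS))
```

The legitimate Telegram client on ws-02 is not flagged because its traffic does not come from a process that Excel launched.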

The Jester Stealer campaign coincides with another phishing attack that CERT-UA has attributed to the Russian nation-state actor tracked as APT28 (also known as Fancy Bear or Strontium).

The emails, titled "Кібератака" (meaning cyberattack in Ukrainian), take on the appearance of a security notice from CERT-UA and come with a RAR compressed file, "UkrScanner.rar", that, when opened, delivers a malware called CredoMap_v2.

The disclosures follow similar findings from Microsoft's Digital Security Unit (DSU) and Google's Threat Analysis Group (TAG) about Russian state-sponsored hacking groups carrying out credential and data theft operations in Ukraine.

