Cybersecurity is important. Without it, hackers will look for a way into the system, either to infect it with malware or to steal sensitive data. Whether an individual, a business, or an agency, anyone can become the target of cyber criminals.
Researchers at Varonis have recently uncovered a new strain of attacks coming from information-stealer malware, or an infostealer. The researchers have named this infostealer “Storm”; its cyberattacks began earlier this year.
How Storm Operates
Storm operates by collecting data after a malware infection. The hackers can remotely hijack a victim’s device and steal information like saved passwords, session cookies, or browsing data. With this kind of information, they can easily log into the victim’s accounts and cause damage from the inside.
Hackers can also steal documents, capture system information or screenshots, pull session data from any accounts the victims use, and access desktop apps and browser extensions.
Cyber criminals normally steal this type of information to drain the victim’s accounts, sell the information to other cyber criminals, or hold it hostage and demand ransom from the victim. In contrast, Storm automates the next step by taking information from the victim’s browser history and planning a future attack.
Word From Varonis
Daniel Kelley is a senior security consultant at Varonis, and he also published a report on Storm earlier this month.
Kelley stated that a traditional infostealer uses decrypted browser credentials to infect the victim’s device with malware. Storm instead ships encrypted files to the attackers’ own infrastructure so that the hackers do not have to decrypt them locally.
“Everything runs in memory to reduce the chance of detection,” Kelley simply stated.
What Has Been Compromised?
Varonis has concluded that about 1,715 entries originated from various countries, including Brazil, Ecuador, and India. What the cybersecurity company has had difficulty determining is whether these entries are real victims, test data runs, or the actual cyberattacks.
Social media and communication platforms have been affected by these attacks, including Google, Facebook, and Twitter/X. In more severe cases, cryptocurrency and financial services, like Coinbase and Binance, have also been attacked.
Any data stolen by the hackers is commonly traded on credential marketplaces. This is where cyber criminals gather more information to plan future attacks, including account takeovers, fraud, or simple access into a system.

What Can We Take from This?
As previously stated, cybersecurity is important for protecting our devices and our data. With Storm on the loose and hackers constantly planning their next schemes, we should take our cybersecurity more seriously than before.
Always check that your devices are updated with current cybersecurity defenses, monitor your accounts for any fraudulent activities, and be careful while you surf the internet. Storm has conducted these attacks based on online activities of potential victims. Make sure your devices will prevent you from going onto websites that could be harmful in the long run.
For more information on the matter, feel free to read the article from Infosecurity Magazine.
Link: https://www.infosecurity-magazine.com/news/storm-infostealer-remotely/
About Advanced Network Consulting
Advanced Network Consulting is a Southern California based IT consulting company focused on the small business market. For businesses in Southern California, or a business that has an office in LA or Orange County, Advanced Network Consulting offers on-site and remote network and server support.
Hoping to improve the efficiency of your computer? Need to strengthen the cybersecurity of your device? We offer a complimentary one-hour onsite evaluation, and our network and server solutions will ensure that your business continues to be operational.
Contact us through our site: https://www.ancsite.com/
