06 Jul Password-Stealing Malware Uses New Injection Technique to Infect Computers
Cisco Talos researchers recently reported that the powerful Smoke Loader malware which has been active since 2011 has been upgraded with a new injection technique seen in the wild only a few days ago.
The malware is often used to deliver malicious payloads such as TrickBot which is used by attackers to harvest credentials, passwords and other sensitive information. Previously distributed by phishing emails, researchers say that the new code injection technique known as PROPagate also allows files to be dropped stealthily, giving Smoke Loader the ability to extract credentials and other sensitive information from browsers like Firefox, IE, and Chrome using its plugins.
Cisco Talos researchers advised users and organizations to install the latest patches and follow recommended security practices which help minimize the threat of compromise from constantly evolving trojans.