New infostealer focuses only on the important files
Aug 13, 2016 16:50 GMT · By Catalin Cimpanu Threat actors are circulating a new type of infostealer trojan that will search for eleven file types and upload them to a C&C server. The files it targets are specific to enterprise environments, being mostly extensions associated with Microsoft Office applications.
Based on a sample of the trojan, crooks are distributing this threat as a file named Aug_1st_java.exe, which currently has a very low detection rate on VirsuTotal, 16/55.
The distribution method is currently unknown, and it could be both via spam or via watering hole attacks. As almost all malware programs do today, when users install this trojan, it will modify the Windows Registry to gain the ability to start automatically after the user reboots his computer.
http://i1-news.softpedia-static.com/images/fitted/620x/new-windows-trojan-steals-enterprise-data-and-microsoft-office-files-507281-3.jpg Trojan hiding as chrome.exe process
Full Article
