Ransomware Upgrades with Credential-Stealing Tricks
The latest version of the FTCode ransomware can steal credentials from five popular browsers and email clients.
The nightmare continues for victims of FTCode ransomware. In addition to encrypting critical information, the PowerShell malware now steals user credentials from common web browsers and email clients.
According to researchers Rajdeepsinh Dodia, Amandeep Kumar, and Atinderpal Singh from Zscaler ThreatLabZ, FTCode version 1117.1 can skim user credentials from Internet Explorer, Firefox, and Chrome as well as email clients Thunderbird and Outlook. The new version uses a different method to steal credentials in each of the targeted applications, something the researchers point to as being one of the advantages of the scripting language in which FTCode is written.
Check out The Edge, Dark Reading's new section for features, threat data, and in-depth perspectives. Today's top story: "With International Tensions Flaring, Cyber-Risk Is Heating Up for All Businesses."
About the Author(s)
You May Also Like
Key Findings from the State of AppSec Report 2024
May 7, 2024Is AI Identifying Threats to Your Network?
May 14, 2024Where and Why Threat Intelligence Makes Sense for Your Enterprise Security Strategy
May 15, 2024Safeguarding Political Campaigns: Defending Against Mass Phishing Attacks
May 16, 2024Why Effective Asset Management is Critical to Enterprise Cybersecurity
May 21, 2024
Black Hat USA - August 3-8 - Learn More
August 3, 2024Cybersecurity's Hottest New Technologies: What You Need To Know
March 21, 2024