SmokeLoader Infecting Targeted Systems with Amadey Info-Stealing Malware

An information-stealing malware called Amadey is being distributed by means of another backdoor called SmokeLoader.

The attacks hinge on tricking users into downloading SmokeLoader that masquerades as software cracks, paving the way for the deployment of Amadey, researchers from the AhnLab Security Emergency Response Center (ASEC) said in a report published last week.

Amadey, a botnet that first appeared around October 2018 on Russian underground forums for $600, is equipped to siphon credentials, capture screenshots, and collect system metadata and even information about antivirus engines and additional malware installed on an infected machine.

While a feature improvement spotted last July by Walmart Global Tech incorporated functionality for harvesting data from Mikrotik routers and Microsoft Outlook, the toolset has since been upgraded to capture information from FileZilla, Pidgin, Total Commander FTP Client, RealVNC, TightVNC, TigerVNC, and WinSCP.

Its main goal, however, is to deploy additional plugins and remote access trojans such as Remcos RAT and RedLine Stealer, further enabling the threat actor to conduct an array of post-exploitation activities.

Users are advised to upgrade their devices to the latest versions of the operating system and the web browser to minimize potential infection routes, and to steer clear of pirated software.

