[ad_1]
CYBERSECURITY experts have warned about a dangerous malware that has reappeared.
Following a nine-month absence, a malicious software dubbed TA866 is now back.
The malware was spotted back in action by cybersecurity researchers from Proofpoint.
Proofpoint says TA866 sent several thousand emails with subjects such as “Project achievements” to targets in North America.
The emails featured a PDF attachment that contained OneDrive URLs and looked like this: “Document_[10 digits].prf”
If clicked, these links “initiated a multi-step infection chain eventually leading to the malware payload,” Proofpoint said in its report.
Malware is a malicious file or code that can infect your smartphone, desktop, or laptop.
This software can steal sensitive information from your devices, including banking accounting.
This particular malware is a variant of the WasabiSeed and Screenshotter custom toolset.
Basically, TA866 can spy on victim activity via screenshots before installing a bot and stealer.
The malware has been active since October 2022 and continued into January 2023, and now 2024.
Proofpoint observed campaigns primarily targeting organizations in the United States.
However, researchers also noticed sporadic attacks in countries like Germany.
HOW TO STAY SAFE
For starters, it’s important always to keep your device updated with the latest software.
These updates provide patches that can fix security holes that malware can exploit.
You should also avoid installing apps from unofficial system stores, and even then, do your research.
Furthermore, you should never download anything from strange emails, pop-up windows, or suspicious-looking websites.
It’s also important to install an antivirus on your device so it can scan for malware.
[ad_2]