MetaBlog

Stay informed about cyber awareness training topics and mitigate risk in your organisation.

Scam of the Week – Vega Stealer

Researchers have discovered a new malware which can steal sensitive information from Google Chrome and Firefox browsers, whilst also mine files from infected devices. The malware – Vega Stealer which is a variant of August Stealer finds and steals credentials such as passwords, saved credit and debit card details and cookies from Google Chrome, whilst when the Firefox browser is in use, Vega Stealer targets specific files which store sensitive information.

Not only does the malware steal information, but also captures screenshots of the infected device, scanning files that end in .doc, .docx, .txt, .rtf, .xls, .xlsx, or .pdf.

Researchers say the malware is being used for small phishing attacks, with the potential to become a threat to businesses in the future.

So how is it spreading?

Hackers are sending emails with the subject line ‘Online store developer required’, to businesses and individuals. Within the email there is an attachment called ‘brief.doc’ which contains the malicious macros, and once opened, downloads the Vega Stealer payload on the device which will be saved in the Music directory by the name “ljoyoxu.pkzip.”

Despite it not being the most sophisticated phishing campaign, it highlights the dangers of downloading attachments from unknown sources.

To protect yourself from falling victim to these types of online scams, never click on suspicious links or download attachments from unknown sources.

If you are looking to start a phishing awareness campaign or would like more information on how to protect yourself online, click here to find out how MetaCompliance can help. Our MetaPhish Platform has been specifically designed to protect businesses from phishing and ransomware attacks and provides the first line of defence in combatting cyber-crime. 

about the author

sharing is caring

Share on linkedin
Share on twitter
Share on facebook

you might enjoy reading these

Social Engineering

Social Engineering: Hacking the Human

Social engineering is nothing new. Way before computers entered our lives, human beings were being scammed using psychological tricks. Back in 1947, a book entitled “Illustrated
Read More »

Request Demo

The personal information that you provide to us in this form will only ever be used by MetaCompliance (as the Data Controller) for the following specifically defined purposes:

  • email you content that you have requested from us
  • with your consent, occasionally email you with targeted information regarding our service offerings
  • continually honour any opt-out request you submit in the future
  • comply with any of our legal and/or regulatory obligations
  • This field is for validation purposes and should be left unchanged.