
Threat Actors are Targeting US Tax-Session with new Tactics of Stealerium-infostealer

NetmanageIT OpenCTI - opencti.netmanageit.com




SUMMARY:

Cybercriminals are exploiting the US tax season to deploy Stealerium malware, targeting citizens through sophisticated phishing campaigns. The attack utilizes deceptive email attachments with malicious LNK files, leading to the execution of PowerShell scripts and the download of a PyInstaller-packaged executable. This payload injects into mstsc.exe and deploys Stealerium, an information-stealing malware that exfiltrates sensitive data from browsers, cryptocurrency wallets, and popular applications. The malware employs anti-analysis techniques, creates a hidden directory, and registers with a command and control server. It steals credentials from various sources, including browsers, gaming platforms, and messaging apps, while also capturing webcam images and Wi-Fi passwords.

OPENCTI LABELS:

powershell, process injection, information stealing, anti-analysis, stealerium, tax-season phishing


Open this report in the NetmanageIT OpenCTI public instance using the link below.


NOTE: Use the public read-only username and password shown in the login page banner.


Threat Actors are Targeting US Tax-Session with new Tactics of Stealerium-infostealer