FYI: The Astaroth Trojan Part II

by

March 11, 2019

Cybereason has released an update regarding the recent re-emergence of the Astaroth Trojan. You can read it here

I wrote briefly about the subject on February 22nd. You can read that blog article here: fyi-the-astaroth-trojan.

Attack highlights include:

1. The Astaroth Trojan spam campaign is a Trojan most recently used to steal passwords 
    and personal information from individuals in Brazil.

2. Brazil is a major contributor to global cybercrime that continues to have a plethora of
    new, nefarious activities targeting individuals.

3. The Astaroth Trojan disguises its payload as JPEG, GIF, and extension-less files to avoid
    detection.

4. The campaign exploits legitimate operating system processes as well as security vendor
    products from companies like Avast and GAS Tecnologia to gain information about the
    target machine and steal password information, as well as keystate information and
    clipboard usage.

5. Full research on the latest Astaroth Trojan variant can be found here.

If you’ve got any questions please feel free to contact us. If you’ve got any thoughts or comments please feel free to leave them in the comment section below.

If you haven’t subscribed to our weekly newsletter please use the CTA in top right hand corner of the page.

Carl Keyser is the Content Manager at Integris.

Keep reading

Strong Cybersecurity Postures: How to Unleash their Power

Strong Cybersecurity Postures: How to Unleash their Power

In the vast digital landscape where virtual dragons and sneaky trolls roam a strong cybersecurity posture has never been more important. Imagine a band of modern-day knights led by our protagonist, Alex. Armed with a trusty laptop and a cup of coffee, Alex navigates...

How to Spot a Phishing Attack in 2023

How to Spot a Phishing Attack in 2023

In 2023 cyber threats lurk behind every tree trunk in today's digital jungle, and cybersecurity awareness is more critical than ever. Among the craftiest of these threats are phishing attacks. Phishing attacks are cunningly engineered with social manipulation at their...

How to Choose an IT Consultant in Boulder, CO

Regardless of industry size or type, Boulder IT consultants play a massive role in the way companies in the Boulder area do business. While most companies may have their own in-house IT department, many of these departments are small and cannot handle all the...