FYI: The Astaroth Trojan Part II

by

March 11, 2019

Cybereason has released an update regarding the recent re-emergence of the Astaroth Trojan. You can read it here

I wrote briefly about the subject on February 22nd. You can read that blog article here: fyi-the-astaroth-trojan.

Attack highlights include:

1. The Astaroth Trojan spam campaign is a Trojan most recently used to steal passwords 
    and personal information from individuals in Brazil.

2. Brazil is a major contributor to global cybercrime that continues to have a plethora of
    new, nefarious activities targeting individuals.

3. The Astaroth Trojan disguises its payload as JPEG, GIF, and extension-less files to avoid
    detection.

4. The campaign exploits legitimate operating system processes as well as security vendor
    products from companies like Avast and GAS Tecnologia to gain information about the
    target machine and steal password information, as well as keystate information and
    clipboard usage.

5. Full research on the latest Astaroth Trojan variant can be found here.

If you’ve got any questions please feel free to contact us. If you’ve got any thoughts or comments please feel free to leave them in the comment section below.

If you haven’t subscribed to our weekly newsletter please use the CTA in top right hand corner of the page.

Carl Keyser is a Digital Marketing Specialist at Integris.

Keep reading

How the Best IT Companies in Minnesota Support the Hybrid Workforce

How the Best IT Companies in Minnesota Support the Hybrid Workforce

After the initial shutdowns and stay-at-home orders lifted following COVID-19, workers throughout the United States and Minnesota decided that the work-from-home model was here to stay. It makes sense -- working from home offers a lot of convenience to your team – and...