Tag: credentials

In August 2024, eSentire's Threat Response Unit observed a sophisticated attack involving LummaC2 stealer malware and a malicious Google Chrome browser extension. The attack leveraged DLL side-loading to execute a loader delivering the malware and a PowerShell script that installed the extension. T…

Unit 42 researchers uncovered an extortion campaign that compromised and extorted multiple victim organizations by leveraging exposed environment variable files containing sensitive credentials. The campaign involved setting up attack infrastructure within victims' Amazon Web Services (AWS) environ…

Researchers uncover a new malware variant called Iluria Stealer, created by the developer behind Nikki Stealer, utilizing the alias 'Ykg.' Iluria Stealer is designed to steal Discord tokens, browser credentials, and payment information. It employs techniques like obfuscation, process injection, and…