Password Manager Malware Tricks Users Into Revealing Their Passwords

February 14, 2020

Written by wukovits

There’s a new threat making the rounds called ‘Metamorfo’ that you should be aware of. The malware began its life as a banking trojan.

This news is from researchers at Fortinet, who report that the malicious code has recently gotten some upgrades that make it particularly nasty.

Like many similar programs, this one finds its way onto target machines by way of phishing emails. In this case, the vehicle of choice seems to be emails that claim to have an invoice attached in the form of a Microsoft Word document.

If a user receives this email and opens the ‘invoice’ he or she will be informed that the message cannot be properly displayed without enabling macros. Of course, enabling macros is the mechanism that allows Metamorfo to be installed on the target device.

Once installed, the malicious code will first check to be sure it’s not running in a sandbox or virtual environment. Once it has confirmation that it is not, it will run its Autolt script execution program, which it uses to evade detection by antivirus programs that may be running on the target system.

Safe from detection, it will then shut down any browser sessions that may be running and prevent any new browser windows from using the auto-complete function when entering passwords. It then begins prompting the users to manually enter their passwords. When they do, the keystrokes are mapped and sent to a command and control server that the hackers control. It’s a fiendishly clever way of making sure the hackers harvest as much password information as possible from each system they infect.

Be very wary of opening attachments from any unknown and untrusted source and make sure all your systems are fully patched and up to date. It’s not a perfect solution, but it will certainly minimize your risk.

Used with permission from Article Aggregator

Bayou Tech

We provide solutions for your business. Find out how we can help.

Related Articles

New Graphene Technology May Increase Hard Drive Storage

HDDs are old, well understood technology. They haven't changed much in recent years. In fact, increasingly, people are writing them off, preferring SSDs for their greater speed and smaller size, even though HDDs are less expensive. The clever folks at the University...

Some Amazon Device Features May Have Security Risks

Have you heard of Amazon Sidewalk? If not, it's definitely something you should be aware of. Depending on your point of view, the new feature, which was enabled by default on a wide range of Amazon devices by default on June 8 of this year (2021) is either...

Email Unsubscribe Scam Can Easily Fool Any User

Scammers are increasingly relying on a tried and true bit of social engineering to fool unsuspecting users into unwittingly signing up to receive a flood of additional spam email. They accomplish this by blasting out an email asking recipients if they wish to...

Send us a message

Your message was sent.