“LokiBot,” the malware that steals your most sensitive data, is on the rise

by
Dan Goodin
from Ars Technica - All content on (#58F5N)
malware-website-800x450.jpg

Enlarge (credit: Christiaan Colen / Flickr)

Federal and state officials are seeing a big uptick in infections coming from LokiBot, an open source DIY malware package for Windows that's openly sold or traded for free in underground forums. It steals passwords and cryptocurrency wallets, and it can also download and install new malware.

In an alert published on Tuesday, the Department of Homeland Security's Cybersecurity and Infrastructure Agency and the Multi-State Information Sharing & Analysis Center said LokiBot activity has scaled up dramatically in the past two months. The increase was measured by EINSTEIN," an automated intrusion-detection system for collecting, correlating, analyzing, and sharing computer security information across the federal civilian departments and agencies.

CISA has observed a notable increase in the use of LokiBot malware by malicious cyber actors since July 2020," Tuesday's alert stated. Throughout this period, CISA's EINSTEIN Intrusion Detection System, which protects federal, civilian executive branch networks, has detected persistent malicious LokiBot activity."

Read 7 remaining paragraphs | Comments

index?i=WizxfuaHp4E:OhVeucvFn8g:V_sGLiPB index?i=WizxfuaHp4E:OhVeucvFn8g:F7zBnMyn index?d=qj6IDK7rITs index?d=yIl2AUoC8zA
External Content
Source RSS or Atom Feed
Feed Location http://feeds.arstechnica.com/arstechnica/index
Feed Title Ars Technica - All content
Feed Link https://arstechnica.com/
Reply 0 comments