216.73.217.176

Double Trouble: Latrodectus And ACR Stealer Observed Spreading Via Google Authenticator Phishing Site

· Published 20/08/2024 09:06 · Modified 20/08/2024 09:25

Export JSON

Essential information

Published
20/08/2024 09:06
Modified
20/08/2024 09:25
Tags
2024-08-20 acr stealer cybersecurity downloader latrodectus malware phishing stealer
Related entities
6 vulnerabilities (cve), 15 observables, 10 techniques (mitre), 2 malware

Description

The Cyble Research and Intelligence Lab (CRIL) discovered a sophisticated website mimicking Google Safety Centre, designed to trick users into downloading . The , compromising security and stealing sensitive information, drops two threats: , which maintains persistence and collects user data; and , which employs Dead Drop Resolver to obscure its Command and Control server. shows ongoing development with encryption key updates and new commands.

External references