• Wed. Jul 17th, 2024

Windows-based Computers Targeted by Bandit Stealer Attacks

Avatar photo

ByMarcel Bich

Aug 9, 2023
Bandit Stealer Attacks Target Windows Computers
Marcel Bich
Latest posts by Marcel Bich (see all)

According to Trend Micro cybersecurity specialists, Bandit Stealer is a new virus that runs covertly and has the capacity to steal data from browsers and the digital currency wallets. Bandit Stealer, which was created in the Go programming language, has the capacity to function across several platforms.

Exploiting “runas.exe” and Employing Concealment Techniques

At the moment, Bandit Stealer has been focusing on Windows-based computers by leveraging the genuine command-line tool “runas.exe.” Hackers use this application to circumvent security barriers and get administrative access in order to acquire large volumes of data.

A Trend Micro study claims that “runas.exe” enables users to launch apps with administrative or other user permissions, creating a safe environment for crucial programs or system operations. It is especially helpful when a user’s existing account does not have the appropriate privileges to run particular commands or applications.

Bandit Stealer employs various techniques to conceal its presence and ensure persistence on infected computers. It checks if it is running in a sandbox or virtual environment and executes a series of system processes. Additionally, the malware modifies the Windows registry to maintain its foothold.

Bandit Stealer’s harmful actions include stealing personal and financial information from browsers and bitcoin wallets. The virus spreads via phishing emails with a downloader file that launches an apparently innocent Microsoft Word document to deflect attention while the infection is covertly taking place.

The data stolen by programs like Bandit Stealer can be exploited by threat actors in multiple ways. It can be used for identity theft, financial gain, data breaches, credential matching attacks, or account hijacking. Additionally, the stolen information can be sold to other malicious actors and serve as a foundation for subsequent attacks, ranging from targeted campaigns to extortion or ransomware attacks.

Avatar photo

Marcel Bich

Marcel ‘s passion for the world of cryptocurrencies and his comprehensive knowledge of blockchain technology make him an invaluable asset to our team. He stays updated on the latest trends, regulations, and emerging technologies in the crypto space, ensuring that our audience receives accurate and up-to-date information.