
A new information stealer called Invicta Stealer spreads through phony GoDaddy emails

By Esme Greene

Aug 15, 2023

Invicta Stealer is spread through spam emails that imitate GoDaddy and promise a refund. The victim is directed to a Discord URL to download an “Invoice.zip” file. An “INVOICE_MT103.lnk” shortcut that appears to be a PDF actually runs PowerShell commands that launch Invicta Stealer.

On the victim’s computer, Invicta Stealer gathers a variety of information, including details on the operating system, installed applications, and active processes. It is designed to target 31 web browsers, including well-known ones like Chrome, Firefox, and Safari as well as Russian browsers. It also steals data from 26 cryptocurrency wallet extensions.

What is Known About Invicta Stealer

Invicta Stealer is an extremely sophisticated information stealer that gathers data from a variety of programs, including Steam, Discord, and KeyPass. It takes local databases from Discord, obtains encrypted passwords from KeyPass, and pulls active game sessions, usernames, and lists of installed titles from Steam.

The malware also collects files from each registered user’s Desktop and Documents folders on the affected machine. Once all the required information has been gathered, it creates a ZIP archive containing the data and transmits it to the operator’s server.

One distinctive feature of Invicta Stealer is its capacity to target several types of extremely sensitive data across numerous apps and browsers. Attackers may use the stolen data for financial gain or to conduct targeted attacks against specific people or companies.

Cybersecurity Measures

Cyble experts recommend the following measures to defend against this threat:

1. Configure regular backups.

2. Make use of reliable antivirus programs.

3. Enable automatic software updates on all devices.

4. Refrain from downloading unauthorized software from dubious sources.

5. Use caution when opening email attachments and suspicious links.

6. Implement multi-factor authentication and strong passwords.

7. Keep a close eye on network activity.

8. Block potentially harmful URLs.

9. Give staff members thorough training on defense strategies, such as phishing awareness.
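
As an added example (not code from Cyble or from the original article), the sketch below shows how a mail gateway or analyst script could triage a downloaded archive for the delivery pattern described above: a shortcut file inside a ZIP that references a script interpreter. The interpreter list, the read cap and the sample archive are assumptions constructed for illustration.

```python
import io
import zipfile

# Shell Link header: HeaderSize 0x4C followed by the LinkCLSID.
LNK_MAGIC = bytes.fromhex("4c0000000114020000000000c000000000000046")
# Interpreter names worth flagging in a shortcut (assumed list, extend as needed).
INTERPRETERS = ("powershell", "cmd.exe", "mshta", "wscript")
MAX_READ = 1 << 20  # cap bytes read per member so a zip bomb cannot exhaust memory


def find_interpreters(blob: bytes) -> list:
    """Return interpreter names present as ASCII or UTF-16LE, case-insensitive."""
    low = blob.lower()  # lowercases ASCII letters only; UTF-16LE nulls are untouched
    return [n for n in INTERPRETERS
            if n.encode("ascii") in low or n.encode("utf-16-le") in low]


def triage_zip(data: bytes) -> list:
    """Report every member that is a shortcut by extension or by header."""
    findings = []
    with zipfile.ZipFile(io.BytesIO(data)) as zf:
        for info in zf.infolist():
            if info.is_dir():
                continue
            with zf.open(info) as member:
                body = member.read(MAX_READ)
            has_header = body.startswith(LNK_MAGIC)
            has_ext = info.filename.lower().endswith(".lnk")
            if has_header or has_ext:
                findings.append({
                    "name": info.filename,
                    "lnk_header": has_header,
                    "lnk_extension": has_ext,
                    "interpreters": find_interpreters(body),
                })
    return findings


def build_sample() -> bytes:
    """Constructed archive: a stub shortcut (header + one string) and a text file."""
    lnk = LNK_MAGIC + b"\x00" * 56 + "PowerShell.exe".encode("utf-16-le")
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        zf.writestr("INVOICE_MT103.lnk", lnk)
        zf.writestr("readme.txt", b"refund details")
    return buf.getvalue()


if __name__ == "__main__":
    for finding in triage_zip(build_sample()):
        print(finding)
```

Checking the header as well as the extension catches a shortcut that has been renamed inside the archive; a finding with a non-empty `interpreters` list is a strong reason to quarantine the attachment.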

It is crucial to understand how serious this threat is and to take preventative action in advance to defend against hostile intrusions.
