Invicta Stealer is spread through spam emails that resemble GoDaddy messages promising refunds. The victim is directed to a Discord URL to download an “Invoice.zip” file. Inside it, an “INVOICE_MT103.lnk” shortcut that appears to be a PDF actually runs PowerShell commands that launch Invicta Stealer.
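As an added example (not from the original article or from Cyble), the following sketch shows how a mail gateway or triage script could flag the delivery pattern described above: a ZIP attachment carrying a Windows shortcut that references a script interpreter. The function names, interpreter list and size cap are assumptions, and the sample archive is constructed in memory.

```python
import io
import zipfile

# Shell Link (.lnk) files start with HeaderSize 0x4C followed by the LinkCLSID
# 00021401-0000-0000-C000-000000000046 (MS-SHLLINK format).
LNK_MAGIC = bytes.fromhex("4c0000000114020000000000c000000000000046")
# Interpreters a document-looking shortcut has no reason to reference (assumed list).
INTERPRETERS = ("powershell", "pwsh", "cmd.exe", "mshta", "wscript", "cscript")
MAX_ENTRY_BYTES = 1_000_000  # assumed cap; shortcuts are small, skip oversized entries


def mentions(data: bytes, word: str) -> bool:
    """Case-insensitive search in ASCII and UTF-16LE, since LNK strings use either."""
    lowered = data.lower()
    return word.encode("ascii") in lowered or word.encode("utf-16-le") in lowered


def scan_zip_attachment(zip_bytes: bytes) -> list[dict]:
    """Return one finding per shortcut file found inside a ZIP attachment."""
    findings = []
    with zipfile.ZipFile(io.BytesIO(zip_bytes)) as archive:
        for info in archive.infolist():
            if info.is_dir() or info.file_size > MAX_ENTRY_BYTES:
                continue
            data = archive.read(info)
            has_header = data.startswith(LNK_MAGIC)
            # Flag by content as well as by name, so a renamed shortcut is still caught.
            if not (has_header or info.filename.lower().endswith(".lnk")):
                continue
            findings.append({
                "name": info.filename,
                "valid_lnk_header": has_header,
                "interpreters": [w for w in INTERPRETERS if mentions(data, w)],
            })
    return findings


def constructed_sample() -> bytes:
    """Build a harmless stand-in archive in memory (constructed test data)."""
    fake_lnk = LNK_MAGIC + b"\x00" * 56 + "powershell.exe".encode("utf-16-le")
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as archive:
        archive.writestr("INVOICE_MT103.lnk", fake_lnk)
        archive.writestr("readme.txt", b"plain text, not a shortcut")
    return buf.getvalue()


if __name__ == "__main__":
    for finding in scan_zip_attachment(constructed_sample()):
        print(finding)
```

A finding with a valid shortcut header and a non-empty interpreter list is a strong reason to quarantine the attachment before it reaches a user.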
On the victim’s computer, Invicta Stealer gathers a variety of information, including details on the operating system, installed applications, and active processes. It is designed to target 31 web browsers, including well-known ones like Chrome, Firefox, and Safari as well as Russian browsers. It also steals data from 26 cryptocurrency wallet extensions.
What is Known About Invicta Stealer
Invicta Stealer is an extremely sophisticated information stealer that gathers data from a variety of programs, including Steam, Discord, and KeyPass. It takes local databases from Discord, obtains encrypted passwords from KeyPass, and pulls active game sessions, usernames, and lists of installed titles from Steam.
The malware also collects files from each registered user’s Desktop and Documents folders on the affected machine. Once all the required information has been gathered, it is packed into a ZIP archive and transmitted back to the operator’s server.
One distinctive feature of Invicta Stealer is its capacity to target several types of extremely sensitive data across numerous apps and browsers. Attackers may use the stolen data for financial gain or to conduct targeted attacks against specific people or companies.
Cyble’s experts strongly advise the following measures to defend against this threat:
1. Configure regular backups.
2. Make use of reliable antivirus programs.
3. Enable automatic software updates on all devices.
4. Refrain from downloading unauthorized software from dubious sources.
5. Use caution when opening email attachments and suspicious URLs.
6. Implement multi-factor authentication and strong passwords.
7. Keep a close eye on network activity.
8. Block potentially harmful URLs.
9. Give staff members thorough training on defense strategies, such as phishing awareness.
It is crucial to understand how serious this threat is and to take preventative action in advance to defend against hostile intrusions.