• Thu. Oct 12th, 2023

New Surge in EvilExtractor Malware Detected in Europe and the United States

Avatar photo

ByEsme Greene

May 17, 2023
New Surge in EvilExtractor Malware Detected in Europe and the United States
Esme Greene
Latest posts by Esme Greene (see all)

Researchers have noticed an increase in assaults disseminating the EvilExtractor data theft program, which is used in Europe and the US to steal consumers’ personal data.

Seven attack modules, including Windows Defender bypassing, ransomware, and credential extraction, are available with a $59 a month membership to Kodex’s EvilExtractor software.

Based on the information provided to BleepingComputer, EvilExtractor is mostly advertised to threat actors on hacking forums even though it is touted as a respectable program.

Allan Liska, a security intelligence analyst at Recorded Future, informed BleepingComputer that the company first discovered Evil Extractor being marketed on the Cracked and Nulled forums in October of 2022.

Since February 2022, other security experts have been keeping an eye on the advancement and harmful assaults made possible by Evil Extractor and reporting their findings on Twitter.

According to Fortinet, information thieves employ EvilExtractor as malware in the field to steal data.

Attack statistics gathered by the cybersecurity firm says that the use of EvilExtractor peaked in March 2023, with the majority of infections originating from a related phishing effort.

Expansion in phishing attacks

Fortinet said that the assaults they saw began with phishing emails that looked like account confirmation requests and contained executable attachments that were gzip-compressed. This executable, which is actually a Python executable program, is designed to look like a genuine PDF or Dropbox file.

Fortinet says that Kodex, the tool’s creator, has upgraded EvilExtractor numerous times since its initial release in October 2022 to give it additional power and stability.

Users are encouraged to be alert against unsolicited emails because detections in the wild show that EvilExtractor is gaining popularity in the cybercrime community.

Avatar photo

Esme Greene

Esme brings a wealth of knowledge and experience to our website, specializing in all aspects of DarkWeb security. With a deep understanding of the intricate workings of the DarkWeb and its associated cybersecurity risks, Esme curates insightful and informative content for our readers.