• Skip to main content
  • Skip to secondary menu
  • Skip to primary sidebar
  • Home
  • About Us
  • Contact Us

iHash

News and How to's

  • Prodigy Afterschool Masterclasses for Kids for $99

    Prodigy Afterschool Masterclasses for Kids for $99
  • 10.1" WiFi Digital Photo Frame with Photo/Video Sharing for $149

    10.1" WiFi Digital Photo Frame with Photo/Video Sharing for $149
  • 8" WiFi Cloud Photo Frame for $112

    8" WiFi Cloud Photo Frame for $112
  • 8" WiFi Digital Photo Frame with Auto Rotation & Photo/Video Sharing for $112

    8" WiFi Digital Photo Frame with Auto Rotation & Photo/Video Sharing for $112
  • Wireless Wall Tap Smart Plug for $39

    Wireless Wall Tap Smart Plug for $39
  • News
    • Rumor
    • Design
    • Concept
    • WWDC
    • Security
    • BigData
  • Apps
    • Free Apps
    • OS X
    • iOS
    • iTunes
      • Music
      • Movie
      • Books
  • How to
    • OS X
      • OS X Mavericks
      • OS X Yosemite
      • Where Download OS X 10.9 Mavericks
    • iOS
      • iOS 7
      • iOS 8
      • iPhone Firmware
      • iPad Firmware
      • iPod touch
      • AppleTV Firmware
      • Where Download iOS 7 Beta
      • Jailbreak News
      • iOS 8 Beta/GM Download Links (mega links) and How to Upgrade
      • iPhone Recovery Mode
      • iPhone DFU Mode
      • How to Upgrade iOS 6 to iOS 7
      • How To Downgrade From iOS 7 Beta to iOS 6
    • Other
      • Disable Apple Remote Control
      • Pair Apple Remote Control
      • Unpair Apple Remote Control
  • Special Offers
  • Contact us

Researchers Expose Mars Stealer Malware Campaign Using Google Ads to Spread

Mar 30, 2022 by iHash Leave a Comment

Mars Stealer Malware

A nascent information stealer called Mars has been observed in campaigns that take advantage of cracked versions of the malware to steal information stored in web browsers and cryptocurrency wallets.

“Mars Stealer is being distributed via social engineering techniques, malspam campaigns, malicious software cracks, and keygens,” Morphisec malware researcher Arnold Osipov said in a report published Tuesday.

Based on the Oski Stealer and first discovered in June 2021, Mars Stealer is said to be constantly under development and available for sale on over 47 underground forums, darknet sites, and Telegram channels, costing only $160 for a lifetime subscription.

CyberSecurity

Information stealers allow adversaries to vacuum personal information from compromised systems, including stored credentials and browser cookies, which are then sold on criminal marketplaces or used as a springboard for launching further attacks.

The release of Mars Stealer last year has also been accompanied by a steady increase in attack campaigns, some of which have involved the use of a cracked version of the malware that has been configured in such a manner that it has exposed critical assets on the internet, inadvertently leaking details about the threat actor’s infrastructure.

Mars Stealer Malware

Also notable is a campaign observed last month that siphoned the passwords belonging to students, faculty members, and content makers who have downloaded trojanized versions of legitimate applications.

On top of that, the cybersecurity company noted that it “identified credentials which led to the full compromise of a leading healthcare infrastructure provider in Canada, and a number of high-profile Canadian service companies.”

While Mars Stealer is most commonly distributed via spam email messaging containing a compressed executable, download link, or document payload, it’s also propagated via fraudulent cloned websites advertising well-known software such as OpenOffice that were then pushed through Google Ads.

CyberSecurity

The goal is to leverage geographically targeted ads to trick potential victims searching for the original software into visiting a malicious site instead, ultimately leading to the deployment of the malware.

Mars Stealer, for its part, is engineered to harvest and exfiltrate browser autofill data, credit card information, browser extension details, including that of cryptocurrency wallets like Metamask, Coinbase Wallet, and Binance Wallet, and system metadata.

But because the threat actor compromised their own machine with the Mars Stealer during debugging, the OPSEC mistake allowed the researchers to attribute the campaign to a Russian speaker as well as uncover details about the adversary’s use of GitLab and stolen credentials to place Google Ads.

“Infostealers offer an accessible entry point to criminal activity,” Osipov said, adding such tools “empower novice cybercriminals to build a reputation they can leverage to acquire more powerful malware from more sophisticated actors.”

Source link

Share this:

  • Facebook
  • Twitter
  • Pinterest
  • LinkedIn

Filed Under: Security Tagged With: ads, campaign, computer security, cyber attacks, cyber news, cyber security news, cyber security news today, cyber security updates, cyber updates, data breach, Expose, google, hacker news, hacking news, how to hack, information security, Malware, Mars, network security, ransomware malware, Researchers, software vulnerability, Spread, stealer, the hacker news

Special Offers

  • Prodigy Afterschool Masterclasses for Kids for $99

    Prodigy Afterschool Masterclasses for Kids for $99
  • 10.1" WiFi Digital Photo Frame with Photo/Video Sharing for $149

    10.1" WiFi Digital Photo Frame with Photo/Video Sharing for $149
  • 8" WiFi Cloud Photo Frame for $112

    8" WiFi Cloud Photo Frame for $112
  • 8" WiFi Digital Photo Frame with Auto Rotation & Photo/Video Sharing for $112

    8" WiFi Digital Photo Frame with Auto Rotation & Photo/Video Sharing for $112
  • Wireless Wall Tap Smart Plug for $39

    Wireless Wall Tap Smart Plug for $39

Reader Interactions

Leave a Reply Cancel reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.

Primary Sidebar

E-mail Newsletter

  • Facebook
  • GitHub
  • Instagram
  • Pinterest
  • Twitter
  • YouTube

More to See

ZuoRAT Malware Hijacking Home-Office Routers to Spy on Targeted Networks

Jun 28, 2022 By iHash

Cisco Talos Supports Ukraine Through Empathy

Cisco Talos Supports Ukraine Through Empathy

Jun 28, 2022 By iHash

Tags

* Apple Cisco computer security cyber attacks cyber crime cyber news Cyber Security cybersecurity cyber security news cyber security news today cyber security updates cyber threats cyber updates data breach data breaches google hacker hacker news Hackers hacking hacking news how to hack incident response information security iOS iOS 7 iOS 8 iPhone iPhone 6 Malware microsoft network security Privacy ransomware malware risk management security security breaches security vulnerabilities software vulnerability the hacker news Threat update video web applications

Latest

How CIOs and CISOs can collaborate for success in the new cloud era

How CIOs and CISOs can collaborate for success in the new cloud era

The rapid adoption of multicloud IT environments and the transition to hybrid workforces demand a new dynamic in the C-suite: a closer alliance between CIOs and CISOs.  By joining forces, CIOs and CISOs can strike a healthy balance between pushing the pace of tech innovation and mitigating risk. Moving to the cloud — especially to […]

What Is Data Reliability Engineering?

Data Reliability Engineering (DRE) is the work done to keep data pipelines delivering fresh and high-quality input data to the users and applications that depend on them. The goal of DRE is to allow for iteration on data infrastructure, the logical data model, etc. as quickly as possible, while—and this is the key part! —still […]

Prodigy Afterschool Masterclasses for Kids for $99

Expires June 28, 2122 23:59 PST Buy now and get 85% off KEY FEATURES Unlock Your Child’s Potential For Success! No dream is too big when you have the tools to achieve it. Whether your child dreams of saving lives as a doctor or inspiring people through the arts, Prodigy will give them the tools […]

Charlie Klein

Key-Thoughts on Cross-Organizational Observability Strategy

Logz.io ran two surveys earlier this year to better understand current trends, challenges, and strategies for implementing more effective and efficient observability – including the DevOps Pulse Survey and a survey we ran with Forrester Research. Together, we received responses from 1300+ DevOps and IT Ops practitioners on observability challenges, opportunities, and ownership strategies. Additionally, […]

8" WiFi Cloud Photo Frame for $112

Expires June 25, 2122 23:59 PST Buy now and get 13% off KEY FEATURES With the 8″ WiFi Cloud Photo Frame you can send photos from your phone to your frame, control which photos are to be sent to your frame, and update your images instantly. You can send photos from any device with an […]

8" WiFi Digital Photo Frame with Auto Rotation & Photo/Video Sharing for $112

Expires June 25, 2122 23:59 PST Buy now and get 19% off KEY FEATURES Send Pictures and Videos from your smartphone to eco4life WiFi Digital Photo Frame, from anywhere in the world using the eco4life App. The eco4life smart frame is simply the best way to enjoy your favorite photos and videos with your families […]

Jailbreak

Pangu Releases Updated Jailbreak of iOS 9 Pangu9 v1.2.0

Pangu has updated its jailbreak utility for iOS 9.0 to 9.0.2 with a fix for the manage storage bug and the latest version of Cydia. Change log V1.2.0 (2015-10-27) 1. Bundle latest Cydia with new Patcyh which fixed failure to open url scheme in MobileSafari 2. Fixed the bug that “preferences -> Storage&iCloud Usage -> […]

Apple Blocks Pangu Jailbreak Exploits With Release of iOS 9.1

Apple has blocked exploits used by the Pangu Jailbreak with the release of iOS 9.1. Pangu was able to jailbreak iOS 9.0 to 9.0.2; however, in Apple’s document on the security content of iOS 9.1, PanguTeam is credited with discovering two vulnerabilities that have been patched.

Pangu Releases Updated Jailbreak of iOS 9 Pangu9 v1.1.0

  Pangu has released an update to its jailbreak utility for iOS 9 that improves its reliability and success rate.   Change log V1.1.0 (2015-10-21) 1. Improve the success rate and reliability of jailbreak program for 64bit devices 2. Optimize backup process and improve jailbreak speed, and fix an issue that leads to fail to […]

Activator 1.9.6 Released With Support for iOS 9, 3D Touch

  Ryan Petrich has released Activator 1.9.6, an update to the centralized gesture, button, and shortcut manager, that brings support for iOS 9 and 3D Touch.

Copyright iHash.eu © 2022
We use cookies on this website. By using this site, you agree that we may store and access cookies on your device. Accept Read More
Privacy & Cookies Policy

Privacy Overview

This website uses cookies to improve your experience while you navigate through the website. Out of these, the cookies that are categorized as necessary are stored on your browser as they are essential for the working of basic functionalities of the website. We also use third-party cookies that help us analyze and understand how you use this website. These cookies will be stored in your browser only with your consent. You also have the option to opt-out of these cookies. But opting out of some of these cookies may affect your browsing experience.
Necessary
Always Enabled
Necessary cookies are absolutely essential for the website to function properly. This category only includes cookies that ensures basic functionalities and security features of the website. These cookies do not store any personal information.
Non-necessary
Any cookies that may not be particularly necessary for the website to function and is used specifically to collect user personal data via analytics, ads, other embedded contents are termed as non-necessary cookies. It is mandatory to procure user consent prior to running these cookies on your website.
SAVE & ACCEPT