AZORult is an information stealer and downloader designed to harvest various sensitive details from the systems it compromises. The malware was first identified in 2016 when it was distributed as a part of an infection with Chthonic banking Trojan. Soon after the release of its freshly updated version on underground forums which occurred on July 17, security researchers at Proofpoint detected a large spam email campaign that carries the new significantly improved version of AZORult spyware.
AZORult spyware is a threat that allows hackers to steal various kinds of sensitive data from any compromised PC. At its first release that happened in 2016, AZORult was a malware that needed another piece of malware to install and run it. Earlier this year security researchers spotted a shift in its distribution techniques. They identified that plenty of spam email campaigns with attached RTF documents were designed to exploit infamous vulnerabilities and deliver the notorious spyware. Since then AZORult has been detected as part of various malspam attacks.
Among the details that could be stolen in case of infection with AZORult spyware are saved passwords, cookies from browsers, cryptocurrency wallet.dat file, skype message history, files from chat history, files stored on the desktop, list of installed programs, list of running processes, system and hardware details.
AZORult Upgraded to Version 3.2
This month the threat was found to have a new version that features some notable upgrades. As found by the researchers at Proofpoint this new version of the spyware is advertised as Version 3.2 on an underground forum. There threat authors state that in its official release AZORult v3.2 features:
- Added stealing of history from browsers (except IE and Edge)
- Added support for cryptocurrency wallets: Exodus, Jaxx, Mist, Ethereum, (Read more...)
*** This is a Security Bloggers Network syndicated blog from How to, Technology and PC Security Forum | SensorsTechForum.com authored by Gergana Ivanova. Read the original post at: https://sensorstechforum.com/azorult-version-3-2-spyware-ransomware/