Malware, Threat Intelligence

Updated DarkCloud infostealer emerges

HackRead reports that a new VB6-based version of the DarkCloud information-stealing malware has been deployed in a phishing campaign this month to compromise a manufacturing organization's browser information, cryptocurrency, and contacts.

Phishing emails purporting to contain financial details within a malicious ZIP archive have been sent from the "procure@bmuxitq[.]shop" email address to spread the new DarkCloud variant, which targets not only browser credentials, website cookies, credit card numbers, FTP login details, keystrokes, and clipboard content, but also files of various extensions, according to findings from eSentire's Threat Response Unit.

Multiple email clients, including MailMaster and Thunderbird, and cryptocurrency wallets have also been compromised by the malware, which exfiltrates data via FTP, Telegram, email, or Web Panel. Organizations have been advised to better protect themselves against the novel DarkCloud version by implementing more robust email security defenses.
