Tag Archives: Infostealers

‘Vortax’ Meeting App Builds Elaborate Branding, Spreads Infostealers

A widespread campaign aimed at stealing cryptocurrency is spreading a wave of infostealers through fake virtual meeting software for both macOS and Windows platforms, particularly targeting the former with the dangerous Atomic stealer.

Discovered by Recorded Future’s Insikt Group, the campaign, attributed to a threat actor dubbed “Markopolo,” is responsible for an elaborate Web and social media presence for a fake app called Vortax, according to a report (PDF) published this week.

Vortax is purported to be virtual meeting software for various platforms but actually is a delivery mechanism for three infostealers: Rhadamanthys, Stealc, and Atomic, the researchers found. Attackers target cryptocurrency users in the campaign through social media and Telegram channels for the purpose of…



The Travels of “markopolo”: Self-Proclaimed Meeting Software Vortax Spreads Infostealers, Unveils Expansive Network of Malicious macOS Applications


Recorded Future’s Insikt Group identified that Vortax, a purported virtual meeting software, spreads three infostealers—Rhadamanthys, Stealc, and Atomic macOS Stealer (AMOS). This extensive campaign targets cryptocurrency users, exploiting macOS vulnerabilities. Operated by the threat actor “markopolo,” this campaign has significant implications for macOS security, indicating a potential increase in AMOS attacks.

While monitoring data in Recorded Future Malware Intelligence, Recorded Future’s Insikt Group has identified a widespread cyberattack campaign involving Vortax, a supposed virtual meeting software. Once downloaded…

