New “Complaint Stealer” Malware Escalates, Targeting Cryptocurrency Wallets & Hospitality Sector

					<div>
				<div>
		<div>
							<div>
			<div>
						<p>By Cofense Intelligence</p><p>A series of campaigns delivering the newly christened “Complaint Stealer” malware began in mid-October and escalated within the last 2 days. Complaint Stealer is an information stealer that targets cryptocurrency wallets and programs as well as credentials stored in browsers. It shows unusual interest in the graphics card and other information associated with cryptocurrency mining, so cryptocurrency mining may be a later addition. Complaint Stealer also often makes use of legitimate software such as AutoIt or PKWARE. All samples seen to date use the same C2 location. This campaign uses social engineering tactics also recently seen during the <a href="https://www.reuters.com/technology/hackers-who-breached-casino-giants-mgm-caesars-also-hit-3-other-firms-okta-says-2023-09-19/" rel="noreferrer" target="_blank">MGM, Caesars and other luxury hotel resort</a> breaches.</p><h2>Phishing Campaign Characteristics</h2><p>These campaigns all targeted hospitality customers and were themed around complaints about the accommodations, staff behavior, etc. The campaigns bypassed multiple Secure Email Gateways (SEGs), including Cisco IronPort and Microsoft ATP. The phishing campaigns delivering Complaint Stealer all used password-protected archives downloaded from embedded mega[.]nz URLs to deliver the malware.</p><p><img alt="New “Complaint Stealer” Malware Escalates" height="675" src="https://ehhbozgsut3.exactdn.com/wp-content/uploads/2023/10/complaint-stealer-cofense.png?strip=all&amp;lossy=1&amp;resize=640%2C422&amp;ssl=1" width="1024" /></p><p><em>Figure 1: Email from campaign delivering Complaint Stealer.</em></p>						</div>
			</div>
				</div>
	</div>
						</div>
	
						</div>
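<p>The delivery traits described above (complaint-themed lure, embedded mega[.]nz link, password-protected archive) can be combined into a mail-triage heuristic. The following is an added example, not Cofense code: the theme word list, the password-hint signal and the sample message are assumptions constructed for illustration.</p>

```python
import re
from email import message_from_string
from email.policy import default
from urllib.parse import urlparse

# Constructed sample message, not a real campaign email.
SAMPLE_EML = """\
From: guest@example.com
To: frontdesk@hotel.example
Subject: Complaint about my stay
MIME-Version: 1.0
Content-Type: text/html; charset="utf-8"

<p>The room was dirty and your staff was rude. Photos are here:
<a href="https://mega.nz/file/PLACEHOLDER#KEY">evidence</a><br>
Archive password: 1234</p>
"""

# Assumed lure vocabulary; tune against your own reported-phish corpus.
THEME = re.compile(r"\b(complaint|accommodation|staff|stay|room|refund)\b", re.I)
# Assumed signal: a password-protected archive needs its password sent somewhere.
PASSWORD = re.compile(r"\b(password|passcode)\b", re.I)
URL = re.compile(r"https?://[^\s\"'<>]+", re.I)

def refang(text):
    """Undo common defanging so quoted or forwarded indicators still match."""
    return text.replace("[.]", ".").replace("hxxp", "http")

def file_share_urls(text, hosts=("mega.nz",)):
    """Return URLs whose hostname is one of `hosts` or a subdomain of it."""
    hits = []
    for url in URL.findall(refang(text)):
        host = (urlparse(url).hostname or "").lower()
        if any(host == h or host.endswith("." + h) for h in hosts):
            hits.append(url)
    return hits

def triage(raw_eml):
    """Score one RFC 5322 message; escalate on file-share link plus complaint theme."""
    msg = message_from_string(raw_eml, policy=default)
    part = msg.get_body(preferencelist=("html", "plain"))
    text = f"{msg['Subject'] or ''}\n{part.get_content() if part else ''}"
    signals = {
        "mega_links": file_share_urls(text),
        "complaint_theme": bool(THEME.search(text)),
        "password_hint": bool(PASSWORD.search(text)),
    }
    signals["escalate"] = bool(signals["mega_links"]) and signals["complaint_theme"]
    return signals
```

<p>Matching on the parsed hostname rather than a substring keeps lookalike hosts from triggering the rule.</p>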
	<p>The post <a href="https://cofense.com/blog/new-complaint-stealer-malware-escalates/" rel="noreferrer" target="_blank">New “Complaint Stealer” Malware Escalates, Targeting Cryptocurrency Wallets &amp; Hospitality Sector</a> appeared first on <a href="https://cofense.com" rel="noreferrer" target="_blank">Cofense</a>.</p>
