RedLine Malware Steals Passwords With Omicron Scam; How to Check If You've Been Attacked

RedLine Malware Steals Passwords With Omicron Scam; How to Check If You've Been Attacked
Experts uncovered a new strategy that distributes RedLine malware. The said attack involves emails about the COVID-19 Omicron variant. ANDREAS SOLARO/AFP/Getty Images

Experts uncovered a new strategy that distributes RedLine malware. The said attack involves emails about the COVID-19 Omicron variant.

Be warned that the RedLine stealer harvests user credentials like passwords, bank accounts, VPNs and many more.

The RedLine malware is one of the most popular info stealers today. It is notorious for targeting anybody connected to the internet with scam tactics.

Experts from Fortinet recently warned about two concerning issues about the RedLine malware. First is a newly discovered variant of the info stealer, and second is a new distribution strategy for the malicious payload. ZDNet explained the details of the ongoing issues.

RedLine Malware: COVID-19 Omicron Emails

According to researchers, the new RedLine stealer variant specializes in taking information from stored VPN applications. This means users who rely on such services are at risk. Data that could be stolen includes web logs and online credentials.

However, before the hacking could commence, cybercriminals must first deliver this malicious payload to unsuspecting people. To increase their potential number of victims, cybercriminals take advantage of the growing fear and uncertainty about COVID-19.

Researchers discovered that this new malware strain was being distributed via emails about COVID-19 facts. The emails may vary on a case-to-case basis. Some offer information about the Omicron variant, while others provide general guidelines and health protocols.

Regardless of the content, victims who might have received this should be wary about any attachments or documents embedded in the email. These are often files with malware code embedded in it, called "Omicron Stats.exe."

Researchers said the potential victims of the Redline stealer are spread across 12 countries. Unfortunately, they did not elaborate on the exact list.

RedLine Malware Threat: How to Check If You Are Infected

According to an earlier article, RedLine malware has already leaked more than 440,000 victim accounts. Notably, information like these are often put for sale on darknet marketplaces. Data leak include the victims' passwords, credit cards and even Bitcoin wallets for some traders.

RedLine is definitely a dangerous online threat. Fortunately, there are a few options that victims can use to check if their device or account is already infected with RedLine malware.

First, users should try searching their password on the Have I Been Pwned website. This is a free-to-use online tool that records the millions of real-world passwords and accounts breached. Information in this database is regularly updated.

Second, users should install antivirus software and regularly scan their devices. Users are recommended to always update the program to be fully equipped with the latest patch to fix newly-discovered malware and viruses.

Lastly, users should watch out for suspicious activities on their devices. Situations like their processors, graphics card or RAM overloading without any active programs indicate malware infection. To play safe, users should immediately delete the program creating this strain. Users should also uninstall any other suspicious apps on the infected device.


Related Article: iPhone Malware Security Warning: New Fake Shutdown Trick Lets Hackers Spy on You!

© 2024 iTech Post All rights reserved. Do not reproduce without permission.

More from iTechPost

Real Time Analytics