Malware is currently circulating via email and is stealing your passwords and personal data

An extensive campaign Fishing Is active. Discovered by Microsoft teams, it aims to spread a Trojan
Malware In the name of STRRAT, specifies ZDNet.

Based on Java (1.5), this malicious program hides itself in an image that displays itself as an email link. This Trojan can steal usernames, passwords and other personal data by recording keystrokes, Microsoft warns on Twitter.

The latest version (1.5) of the Java-based STRRAT malware was distributed during a major email campaign last week. This RAT is notorious for its ransomware-like behavior for adding file name extensions.Crimson without encrypting files. pic.twitter.com/mGow2sJupN

– Microsoft Security Intelligence (sMsftSecIntel) May 19, 2021

It acts like ransomware

Its mode of operation is particular. Because it acts like ransomware. So, once used, it adds the file name extension. Crimson for files on the computer but did not actually encrypt them. A question to distract the victim, he only deals with a ransomware, but not a remotely operating Trojan.

To spread, the malware can be relied upon to distribute payment emails to the victim. To find the amount, you are asked to click on what looks like a link in PDF format. Once the victim opens the file, they download the malware and the hacker can access their computer, watch out for our colleagues.

Going on

The campaign still seems to be going on. Hackers can extend it to various data collected that allow access to victims’ emails.

The best way to protect yourself from STRRAT is not to click on the image that acts as the link. It is good to be wary of any emails that the reporter does not know, especially if the subject is financially gainful. Installing an antivirus that scans email will also protect against attacks.