Fake Microsoft Store, Spotify sites spread info-stealing malware

Attackers are promoting sites impersonating the Microsoft Store, Spotify, and an online document converter that distribute malware to steal credit cards and passwords saved in web browsers.

The attack was discovered by cybersecurity firm ESET who issued a warning yesterday on Twitter to be on the lookout for the malicious campaign.

In a conversation with Jiri Kropac, ESET’s Head of Threat Detection Labs, BleepingComputer learned that the attack is conducted through malicious advertising that promotes what appears to be legitimate applications.

Read more…
Source: Bleeping Computer