FormBook—Cheap Password Stealing Malware Used In Targeted Attacks

It seems sophisticated hackers have changed the way they conduct targeted cyber operations—instead of investing in zero-days and developing their malware; some hacking groups have now started using ready-made malware just like script kiddies.

Possibly, this could be a smart move for state-sponsored hackers to avoid being attributed easily.

Security researchers from multiple security firms, including Arbor Networks and FireEye, independently discovered a series of malware campaigns primarily targeting aerospace, defence contractors and manufacturing sectors in various countries, including the United States, Thailand, South Korea and India.

What’s common? All these attack campaigns, conducted by various hacking groups, eventually install same information and password stealer malware—dubbed FormBook—on the targeted systems.

FormBook is nothing but a “malware-as-as-service,” which is an affordable piece of data-stealing and form-grabbing malware that has been advertised in various hacking forums since early 2016.

Read more…

Source: The Hacker News