Security researchers with Menlo Labs have spotted a new version of the notorious Adwind remote access trojan (RAT) that can steal login credentials from compromised machines. The malware is being distributed via phishing emails, compromised websites as well as outdated and malicious WordPress sites.
While previous versions of Adwind were platform-agnostic, the latest version has been modified to specifically target Windows applications, including Explorer and Outlook, and Chromium-based browsers, including Brave and other new browsers. According to Krishnan Subramanian of Menlo Labs, this “shows that attackers are closely keeping track of newly released applications that are gaining traction among end users and adapt their RAT functionality to steal information from these new applications.”
Read more: New Adwind Variant Targets Windows, Chromium Credentials