Password and credit card-stealing Azorult malware adds new tricks

By: Danny Palmer

Skull of death symbol on the screen of smartphone on laptop computer. There is data flowing background. Selective focus on screen of the phone.

Malware can now steal more types of cryptocurrecny and comes with other updates, likely in response to a free version being leaked online.

A form of password, credit card details and cryptocurrency-stealing malware has been updated, making it even more potent for cyber criminals.

The Azorult malware has been been operating since 2016 and enables crooks to steal credentials including passwords, credit card details, browser histories and contents of cryptocurrency wallets from victims.

Now a new version of it is being advertised in an underground forum, as uncovered by researchers at tech security company Check Point, who describe it as “substantially updated”.

New features include the ability to steal additional forms of crpytocurrency from the wallets of victims – BitcoinGold, electrumG, btcprivate (electrum-btcp), bitcore and Exodus Eden.

Reflecting the fast pace of malware development, the developer of Azorult also boats improvements to the cryptocurrency wallet stealer components and improvements to the loader.

Researchers also note some behind-the-scenes changes compared to previous versions of the malware, including a new encryption method to obfuscate the domain name, as well as a new key for connecting to the command and control server.

More: https://www.zdnet.com/article/password-and-credit-card-stealing-azorult-malware-adds-new-tricks/