Clickbait Trojan Stealing People’s Passwords

Updated On

Every hacker want to spy users data to generate huge amount of money from them, now hackers came up with a great way to steal users password and attack people’s PCs, so they created a trojan

which in one name convinced employees of large companies to open it, and then sent their data to a remote server.

Dell Secureworks, published a report revealing the principle of operation of the “tricky” file. The authorship of the Trojan is attributed to the hacker groups APT33 and Helix Kitten , from the attacks of which some organizations have already suffered. The hacking method turned out to be unpretentious – the attackers just picked up the “correct” name for the spreadsheet stuffed with virus code.

See More: Hack Possible Titan Security Key Says By Google

Table of Contents

How it’s Working?

Hackers titled it as the “25 worst passwords of 2017”, hackers managed to convince employees of large companies to open the file out of curiosity: many wanted to laugh at other people’s mistakes. Then a trojan entered the file, copying the personal data of the victims to the hacker server. In a similar pattern, text documents were distributed with the heading “Security Guide” containing up-to-date instructions for installing antivirus and selecting strong passwords. While the user studied the received text, his confidential information leaked to the network.