Dec
18
2018

Loki bot malware stealing victim passwords from browsers, messaging applications, email and ftp clients

NPAV Cybersecurity Labs has researched and discovered that hackers are spreading malware which can steal users passwords from various applications.

Lokibot belongs to such malware family. Lokibot malware steals data from emails, Browsers and Ftp by spreading as .iso extension file that target a corporate network and applications to steal victim credentials.

How is the lokibot malware spreading?

Attackers have been spreading the malicious file via email that contains malicious “.iso” attachment. Once the user clicks on the .iso attachment, the malware file inside .iso file is extracted.

Loki Bot Malware also capable of stealing wallets and share the stolen data with attackers via its C&C server.

Malicious+Email+Infographics

According to NPAV observations and research new malware and continuously evolving and improving their attack platforms.

NPAV Total Security protects users from such new malware threats.