Hackers are using fake Microsoft and Spotify to distribute malware that phishes credit card and password details saved in browsers.
Security researchers have claimed that the attack is promoted via malicious advertising that promotes what appears to be legitimate application. Once the user clicks on the ad, the web page is redirected to a fake Microsoft store that starts downloading a malicious file into the user device.
The downloaded file actually is the FickerStealer malware that can steal passwords and credit card information saved on web browsers. The advertisements used by the hackers are generally of an online chess game, Spotify or of an online document converter.
Ficker is an information-stealing Trojan released on Russian-speaking hacker forums. The malware is also capable of stealing from over fifteen cryptocurrency wallets, steal documents, and take screenshots of the active application.
NPAV recommends users to stop downloading files through the ads as they may be fake and can be easily used to spread malware. NPAV suggests users to visit official stores for downloading any application that lures them or is required for their work.
Install NPAV on your devices to keep them safe and secure from all kinds of cyber attacks. Use NPAV and join us on a mission to secure the cyber world.