The Vcrums malware targets browsers and popular apps
Vcrums can deploy malware into your device and control it
2 min. read
Updated on
Read the affiliate disclosure page to find out how can you help Windows Report effortlessly and without spending any money. Read more
Fortinet’s FortiGuard Labs discovered the Vcrums malware. The cybercriminals behind the malware used email as their command and control center. Furthermore, they uploaded their malicious files on Amazon Web Services (AWS) and GitHub. In addition, to avoid detection, they used a commercial protector. Moreover, the cybercriminals are using a phishing campaign to lure us into installing the malware.
How does the Vcrums malware work?
The Vcrums malware users target devices with Java installed. In addition, a successful infiltration into the system grants them full control over it. Furthermore, to spread the Vcrums and StrRAT malware, threat actors trick users into downloading a malicious Java client by sending what seems to be a legitimate email. Also, they disguise the email as an urgent recipient. On top of that, StrRAT acts as a ransomware attack. However, instead of encrypting and locking data, it steals it.
Once you download the Java content of the email, the Vrcums malware starts installing and executing additional malicious JAR files. By doing this, cybercriminals expand their control over your device. Furthermore, the Vcrum malware can monitor you and use password recovery tools and keyloggers to steal your login information. Additionally, the malware steals information from popular browsers such as Chrome, Brave, Edge, Vivaldi, Opera, OperaGX, and Firefox and applications like Discord and Steam.
Ultimately, Vcrums comes with StrRAT and several other malware in a pack. Moreover, it disguises itself as a common file format, such as .jpg. Also, it uses obfuscation services to avoid detection. On top of that, the malware can send data through emails and install more files. Thus, to defend against the Vcrums malware, always verify the source of your emails. Furthermore, according to Fortinet, you should consider deploying updated security solutions. In addition, the company recommends you perform network segmentation.
What are your thoughts? Do you have the latest security solutions to protect you from Vcrums? Let us know in the comments.