How hackers find out if you are a high value target before ripping you off

Organizations in the United States and Germany are now being targeted by a new hacker known as TA886.  The custom malware is performing surveillance and data theft on infected systems and according to Proofpoint, has been doing so since October 2022.

However, this malware is especially unique because it will first perform in-depth evaluations of your worth before further invading a target to see if there is enough value.

How do these hackers surveil victims?

According to a study done by Proofpoint, like many malware scams, this specific one uses phishing emails that include Microsoft Publisher (.pub) attachments with malicious macros, URLs linking to .pub files with macros, or PDFs containing URLs that download dangerous JavaScript files. The emails can be written in English or German, depending on who the target is and where they are located.

Once the URL link is clicked, a multi-step attack chain begins and results in the downloading of “Screenshotter”, which is one of the main tools of TA886.

The Screenshotter tool will take JPG snapshots of the victim’s device and send those screenshots back to the TA886 server. Those screenshots are then searched through manually to see how much value the victim has, and if they are considered high-value, the malware will continue its invasion and steal everything from financial credentials to personal information.

How can I protect myself from this happening to me?

The best way to protect yourself from malware is to have antivirus software installed on your device. Our top choice for antivirus software is always Total AV. With this software, you can protect your device from dangerous situations like phishing scams, ransomware, and more. Plus, there’s a limited-time deal for CyberGuy readers: $19 your first year (80% off) for TotalAV Antivirus Pro package.

Do you have antivirus software installed on your device? Let us know how it’s working for you.

 

Related:

 

Related posts

Best last minute holiday gifts

Understanding brushing scams and how to protect yourself

From TikTok to trouble: How your online data can be weaponized against you