A sophisticated new variant of the Snake Keylogger (detected as AutoIt/Injector.GTY!tr) has emerged as a critical threat to Windows users. It leverages advanced evasion techniques to steal sensitive data from Chrome, Edge, and Firefox browsers. FortiGuard Labs reports over 280 million blocked infection attempts since January 2025, with concentrated attacks in China, Turkey, Indonesia, Taiwan, and Spain.

The malware employs AutoIt scripting, process hollowing, and multi-channel exfiltration to bypass traditional defenses, making it one of the most persistent keyloggers observed this year. Upon execution, Snake Keylogger deploys an AutoIt-compiled binary (ageless.exe) to the %Local_AppData%\supergroup directory and sets hidden attributes on it to conceal its presence. The malware then injects its payload into RegSvcs.exe, a legitimate .NET process, using process hollowing. By suspending the process, unmapping its memory, and loading malicious code, Snake Keylogger evades signature-based detection.

FortiSandbox v5.0's PAIX engine detected the threat through behavioral analysis and static heuristics, identifying embedded APIs and network anomalies. Educate users on phishing risks via security platforms. With Snake Keylogger's evolving tactics, layered defenses integrating AI and threat intelligence remain critical to safeguarding sensitive data.

Tushar is a cybersecurity content editor with a passion for creating captivating and informative content. With years of experience in cybersecurity, he covers cybersecurity news, technology and other news.
This Cyber News was published on cybersecuritynews.com. Publication date: Thu, 20 Feb 2025 00:20:12 +0000
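A triage sketch for the behaviours the article describes, added here as an example and not taken from Fortinet's or the site's material: it flags the ageless.exe drop path and RegSvcs.exe started from a user profile or opening network connections. The Sysmon-style event fields and the sample events are constructed, and rules 2 and 3 are heuristic assumptions rather than published signatures.

```python
import re
from ntpath import basename  # parses backslash paths on any OS

# Indicators from the article; the rule logic around them is an assumption.
DROP_PATH = re.compile(r"\\AppData\\Local\\supergroup\\ageless\.exe$", re.I)
USER_PROFILE = re.compile(r"\\Users\\[^\\]+\\AppData\\", re.I)
HOLLOW_TARGET = "regsvcs.exe"

def triage(events):
    """Return (rule, host, detail) findings for Sysmon-style event dicts."""
    findings = []
    for ev in events:
        eid, host = ev.get("EventID"), ev.get("Computer", "?")
        image = ev.get("Image", "")
        # Rule 1: dropper path written (ID 11) or executed (ID 1).
        path = ev.get("TargetFilename", "") if eid == 11 else image
        if eid in (1, 11) and DROP_PATH.search(path):
            findings.append(("dropper_path", host, path))
        # Rule 2: RegSvcs.exe started by a binary inside a user profile,
        # the parent/child shape that precedes the hollowing step.
        parent = ev.get("ParentImage", "")
        if (eid == 1 and basename(image).lower() == HOLLOW_TARGET
                and USER_PROFILE.search(parent)):
            findings.append(("regsvcs_from_user_dir", host, parent))
        # Rule 3: RegSvcs.exe opening a network connection (ID 3).
        if eid == 3 and basename(image).lower() == HOLLOW_TARGET:
            findings.append(("regsvcs_network", host, ev.get("DestinationIp", "")))
    return findings

# Constructed sample events (not real telemetry).
AGELESS = r"C:\Users\alice\AppData\Local\supergroup\ageless.exe"
REGSVCS = r"C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegSvcs.exe"
SAMPLE = [
    {"EventID": 11, "Computer": "WS01", "Image": r"C:\Users\alice\Downloads\inv.exe",
     "TargetFilename": AGELESS},
    {"EventID": 1, "Computer": "WS01", "Image": AGELESS,
     "ParentImage": r"C:\Users\alice\Downloads\inv.exe"},
    {"EventID": 1, "Computer": "WS01", "Image": REGSVCS, "ParentImage": AGELESS},
    {"EventID": 3, "Computer": "WS01", "Image": REGSVCS,
     "DestinationIp": "203.0.113.10"},
    {"EventID": 1, "Computer": "SRV02", "Image": REGSVCS,
     "ParentImage": r"C:\Windows\System32\msiexec.exe"},
]

if __name__ == "__main__":
    for rule, host, detail in triage(SAMPLE):
        print(f"{host}: {rule}: {detail}")
```

Rule 3 will also fire on legitimate RegSvcs.exe activity that touches the network, so treat it as a lead to correlate with rules 1 and 2 rather than a standalone alert.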