Cloud creds stealer #124

Open
christophetd opened this issue Sep 12, 2023 · 2 comments

Comments

@christophetd
Collaborator

https://securelist.com/backdoored-free-download-manager-linux-malware/110465/

This stealer collects data such as system information, browsing history, saved passwords, cryptocurrency wallet files, as well as credentials for cloud services (AWS, Google Cloud, Oracle Cloud Infrastructure, Azure).

@ramimac
Owner

ramimac commented Sep 20, 2023

I'm going to leave this open, but not add

I think "opportunistically grabs AWS credentials" doesn't quite rise to the level of tracking -- versus "targets AWS hosted infrastructure", if that distinction makes sense?

My understanding is that most stealers will pick up the credentials file if it's lying around

@christophetd
Collaborator Author

Yep makes sense. Thanks
