- Latest malware attacks steal login information from listed applications such as Google Chrome and Microsoft Outlook
- The malware usually processes the data on the victim’s machine to extract very precise information
- The file is detected by only a few security vendors
The SonicWall RTDMI™ engine has recently detected a Windows shortcut file capable of downloading and executing the LALALA infostealer on the user’s device. The LALALA infostealer is a batch script that uses PowerShell to steal the victim’s data and send it to the server. The irony, however, is that this sort of attack is detected by only a few security vendors on a popular threat intelligence sharing portal. This is yet another classic instance of malware authors using simple but very effective approaches to stay low and steal users’ data.
Malware usually processes the data on the victim’s machine to extract very precise information, which is then sent to the malware server. LALALA, however, sends a good amount of data to the server, which needs further processing at the server’s end to extract the operative data. The malware decrypts some applications’ data (e.g. Google Chrome and Microsoft Edge) on the user’s device, because that data uses Windows logon-based encryption and cannot be decrypted on another machine.
Debasish Mukherjee, VP, Regional Sales - APAC at SonicWall, says, “The new-age mantra that data is the new oil is encouraging cyber-attackers to get innovative in their approach to steal data. They are going beyond regular methods and using unsuspecting yet popular platforms such as Google Chrome and Microsoft Outlook as the launch-pad to prowl on unsuspecting users. This situation calls for effective cyber-security mechanisms to be activated. It becomes imperative for cybersecurity solution providers to innovate and create a response mechanism at a rapid pace.”
SonicWall has been fighting the cybercriminal industry for over 28 years, defending small and medium businesses, enterprises and government agencies worldwide. Backed by research from SonicWall Capture Labs, our award-winning, real-time breach detection and prevention solutions secure more than a million networks, and their emails, applications and data, in over 215 countries and territories. These organizations run more effectively and fear less about security. For more information, visit www.sonicwall.com or follow us on Twitter, LinkedIn, Facebook and Instagram.