Sonic Wall labs spots Lokibot malware attacks

Venkatesh Ganesh Mumbai | Updated on September 26, 2019 Published on September 26, 2019

File photo

It tries to steal credentials stored in registry, files and browser

SonicWall Capture Labs Threats Research team has spotted Lokibot malware attacks.

This malware is delivered through spam emails, the company said.

Lokibot is an info stealer. It tries to steal credentials stored in registry, files and browser, it added.

This is how it works:

The user is lured into opening malicious attachment in a spam email. This attachment is Lokibot malware which upon execution steals critical user data like username, password in browser and registry.

Additionally, sensitive information such as email data is stolen from sources like Microsoft Outlook and web browsers. The malware then sends the information to an attacker-controlled server.

This approach is very similar to a general email phishing attack.

SonicWall researchers have recorded 26 million phishing attacks worldwide.

Published on September 26, 2019
  1. Comments will be moderated by The Hindu Business Line editorial team.
  2. Comments that are abusive, personal, incendiary or irrelevant cannot be published.
  3. Please write complete sentences. Do not type comments in all capital letters, or in all lower case letters, or using abbreviated text. (example: u cannot substitute for you, d is not 'the', n is not 'and').
  4. We may remove hyperlinks within comments.
  5. Please use a genuine email ID and provide your name, to avoid rejection.