SonicWall Capture Labs Threats Research team has spotted Lokibot malware attacks.
This malware is delivered through spam emails, the company said.
Lokibot is an info stealer. It tries to steal credentials stored in registry, files and browser, it added.
This is how it works:
The user is lured into opening malicious attachment in a spam email. This attachment is Lokibot malware which upon execution steals critical user data like username, password in browser and registry.
Additionally, sensitive information such as email data is stolen from sources like Microsoft Outlook and web browsers. The malware then sends the information to an attacker-controlled server.
This approach is very similar to a general email phishing attack.
SonicWall researchers have recorded 26 million phishing attacks worldwide.