Comforts can cost you dearly: saving your credit card information on your browser has become risky. Especially if the browser in question is Google’s Chrome. The researchers of Proofpoint, a cyber-security company, have in fact discovered a new variant (in jargon, a new module) of Emotet, one of the most powerful and dangerous malware in circulation in recent years.
The same researchers, who made this discovery on June 6, admit they were very surprised: “This is a module designed to steal credit card data that only targets the Chrome browser.” And, questioned by Repubblica, they add that “infections caused by Emotet can lead to subsequent malware, such as ransomware”, ie malicious programs that steal or make some victim’s data inaccessible, asking for a ransom to return them or make them visible again.
The threat is serious: Chrome is the most common browser in the world and there are many of its users who, for speed, save the data of their payment cards (number and CVV code) in the cache, so as not to have to enter them every time they want to buy something online.
It is therefore not surprising that the advice of Proofpoint’s experts is to “not store sensitive data in the browser cache”. But that’s not all: “It is also worth noting that Emotet typically spreads via email, using dangerous links and attachments” to distribute viruses. It is not easy to learn to recognize these threats, also because Emotet is a very advanced malware.
Born in 2014, in the early years he was distinguished above all by large-scale attacks that hit a German hospital – forcing him to disconnect from the rescue control center – and the Berlin Court of Appeal. Over the next few years, he continued to target businesses and individuals, mostly sneaking through email messages that contain malicious attachments. It would be enough not to open the message, only that Emotet manages to make a known person appear as the sender, lowering the victim’s defenses.
“But usually Emotet did not target credit cards and banking credentials, so this new feature seemed worthy to us” explains the cyber-security researchers.
A few weeks earlier, the malware had attacked Windows users, using operating system shortcut files (.lnk files) to infect devices, using Windows Office macros. Recently eight cyber-security agencies of the Five Eyes, the intelligence alliance of Australia, Canada, New Zealand, the United Kingdom, and the United States
