Almost 1 million Internet user passwords from all over Brazil have been leaked in recent days by cybercriminals who used a Trojan like the “Password Stealer”. The warning was given on Thursday (25) by the cybersecurity company ISH Tecnologia, which discovered the scam earlier in the week.
According to the company, the hackers are sending a fake billing email to the victims, posing as a cell phone company. In the message, they ask the customer to download an alleged overdue invoice, in PDF format, to make the payment.
When the victim downloads the file, the trojan installs itself on the computer and makes a copy of all passwords saved in the browser by the user, sending the credentials to a remote server, in sequence. As the malicious program runs silently in the background, the Internet user is not even suspicious of its action. In addition, it is able to disable antivirus and other protection tools.
Through this campaign, cyber criminals have managed to steal more than 900,000 passwords, according to ISH, by infecting the computers of nearly 500,000 victims to date. A file containing 1.2 GB of stolen data was found by the company in a group of messages on the deep web.
As the campaign is still active, there is a risk that new victims will be made, increasing the number of stolen passwords. In order not to become one of them, you should avoid clicking on suspicious links sent by email.
In addition, it is recommended to disable the function of saving passwords in the browser, widely used by Internet users to remember the access codes to e-mails, social networks, streaming and other online services, as they can be accessed through malicious techniques such as this one. .
The company’s experts say that all browsers are susceptible to attack. Therefore, it is necessary to take measures to mitigate new credential thefts.