Attackers Spread New Meta Malware In Malspam Campaign

Attackers are actively using Meta malware, a new info-stealer malware that steals information, in multiple attacks.

The attackers’ main aim is to steal passwords stored in Chrome, Edge, Firefox and cryptocurrency wallets.

Hackers who use the malicious software first send a phishing email to victims. The email contains information about money transfers with a request to an attached document.

Embedded in the attached document are spreadsheet files with DocuSign bait that trick victims into enabling content required to run the malicious VBS macro in the background.

After clicking on “enable content” the malicious script starts downloading various payloads, some of which are structured to bypass security.

Also to bypass Windows Defender, Meta malware modifies it with PowerShell to exclude .exe files from scanning, thereby protecting its malicious files from detection.

The tool is sold for $125 for monthly subscribers or $1,000 for unlimited lifetime and is advertised as an improved version of RedLine.

IT World Canada Staff
IT World Canada Staff
The online resource for Canadian Information Technology professionals.

Would you recommend this article?


Thanks for taking the time to let us know what you think of this article!
We'd love to hear your opinion about this or any other story you read in our publication.

Jim Love, Chief Content Officer, IT World Canada

Featured Download

ITW in your inbox

Our experienced team of journalists and bloggers bring you engaging in-depth interviews, videos and content targeted to IT professionals and line-of-business executives.

More Best of The Web