A new malware known as Glove has been discovered by researchers, actively infecting browsers in the wild. Glove is designed to steal information from web browsers, extracting stored data.
Glove Stealer Malware Targets Web Browsers
Security researcher Jan Rubín recently published a detailed technical analysis of the Glove stealer malware, which is currently spreading in the wild. This malware is primarily focused on stealing information from web browsers.
The attack typically begins with a phishing attempt to trick users into downloading the malware. The malicious actors use tactics similar to ClickFix attacks, where fake error messages are displayed in phishing emails.
Once the victim downloads the malware by clicking on the malicious attachment, a fake error prompt appears, along with instructions to fix the issue. By following these instructions, the victim unwittingly installs the malware on their device. The malware then connects to the attacker’s server to download the Glove stealer.
Glove starts extracting data from web browsers, primarily targeting Chromium-based browsers. However, it is also capable of stealing data from other browsers such as Mozilla Firefox.
One notable feature of Glove is its ability to bypass Google Chrome’s App-Bound Encryption security measure. This is achieved by using an additional .NET payload that circumvents the encryption process.
With its ability to bypass security measures, Glove poses a significant threat by stealing sensitive information like passwords and crypto wallets from web browsers.
It is crucial for end-users to remain vigilant against such threats by avoiding unsolicited communications and being cautious of phishing attempts. By staying informed and alert, users can better protect their devices from malware attacks.