Beware Of Braodo Stealer That Steals Users’ Login Credentials

In Cybersecurity News - Original News Source is cybersecuritynews.com by Blog Writer

Post Sharing

Stealers are one of the most used malicious tools that is used by threat actors. As such tools enable hackers to obtain sensitive information such as passwords, credit card details, and personal data from compromised systems.

This stolen data could be later used by threat actors for several illicit purposes or even sold on black marketplaces or forums.

K7 Security Labs researchers recently warned users of Braodo stealer, which steals users’ login credentials.

Braodo Steals Login Credentials

Braodo Stealer, a Vietnamese-origin virus, has caught attention due to its ingenious and sophisticated information-stealing capabilities.

This stealthy malware takes advantage of Unicode-obfuscated batch files as part of its multi-stage infection process.

The first stage makes use of PowerShell to download more components from GitHub which includes a persistence mechanism for installation in the Windows Startup folder.

The core payload for this virus is hidden within “Document.zip,” a zipped file that consists of the complete Python environment alongside its leading destructive script “sim.py.”

Join our free webinar to learn about combating slow DDoS attacks, a major threat today.

Once triggered, Braodo carries out an extensive scan of the whole system collecting details such as computer name, user’s personal information, and IP address.

The flow of its execution (Source – K7 Security Labs)

This script’s main role is to extract confidential data from web browsers such as Chrome, Firefox, and Edge. 

The malware shows sophistication in decrypting browser information using AES algorithms whose keys are derived from browser-specific files.

Collected data (Source – K7 Security Labs)

The virus then zipped up this information and sent it out via Telegram bots, which showcases the use of genuine platforms for command and control by malware.

Combining all these factors with its ability to focus on various browsers and Unicode-secured information, Braodo poses a serious threat to personal and financial security, which highlights the changing nature of information-stealing malware.

Braodo Stealer is malware that showcases the maturing nature of malware, focusing on network-related information for enhanced reconnaissance.

This highlights the importance of evasive techniques and targeted data theft as indicators of urgent requirements for strong cyber security measures.

Cybersecurity analysts strongly recommend key things, such as users investing in reputable and up-to-date security solutions to safeguard themselves from these advanced vulnerabilities.

The priority on network information theft points out a difference in malware approach, which might result in more complex multi-staged attacks in the future.

IoC

IoC (Source – K7 Security Labs)

Protect Your Business Emails From Spoofing, Phishing & BEC with AI-Powered Security | Free Demo