Vietnamese Cyber Mischief: PXA Stealer Strikes Europe and Asia’s Data Vaults
Vietnamese-speaking threat actors are using PXA Stealer malware to swipe sensitive data from government and education sectors in Europe and Asia. This Python-based menace is a digital pickpocket, targeting everything from browser cookies to gaming software. The malware’s creators aren’t shy, leaving Vietnamese breadcrumbs and a Telegram channel littered with national symbols.
Hot Take:
Looks like someone in Vietnam has been spending too much time watching Mr. Robot and decided to try their hand at a real-world hacking campaign. But instead of bringing down an evil corporation, they’re just out to swipe some cookies and wreak havoc on Facebook accounts. Talk about having your cookies and eating them too!
Key Points:
- Vietnamese threat actor linked to a new malware, PXA Stealer, targeting Europe and Asia.
- PXA Stealer focuses on stealing sensitive information, including browser cookies and gaming data.
- Connections to Vietnam identified through comments and icons in the malware code.
- PXA Stealer uses phishing emails to propagate, employing a Rust-based loader and PowerShell commands.
- Facebook business and advertisement accounts are prime targets for this malware.
Already a member? Log in here