Close Menu
  • Latest News
    • Market
    • Altcoins
    • Legal and Regulatory
  • Tech
    • Blockchain
    • Security and Privacy
  • Web 3
    • Web3 News
    • NFTs
    • Gaming
  • Learn
    • Education
    • Investments
    • Staking
    • Wallets and Exchanges
  • ICOs
  • Mining
  • Crypto Tools
    • Exchange Tool
  • Shop
What's Hot

‘Overly bearish and simplistic’ – Ark Invest fires back after a16z says TradFi wants blockchain, not DeFi

July 17, 2026

U.S. Senate unanimously opposes clemency for FTX founder Sam Bankman-Fried

July 17, 2026

MetaMask marks 10 years with plans to expand beyond wallets

July 17, 2026
Facebook X (Twitter) Instagram
  • Contact
  • Privacy Policy
  • Terms & Conditions
Facebook X (Twitter) Instagram
CryptoPulseDaily.com
  • Latest News
    • Market
    • Altcoins
    • Legal and Regulatory
  • Tech
    • Blockchain
    • Security and Privacy
  • Web 3
    • Web3 News
    • NFTs
    • Gaming
  • Learn
    • Education
    • Investments
    • Staking
    • Wallets and Exchanges
  • ICOs
  • Mining
  • Crypto Tools
    • Exchange Tool
  • Shop
CryptoPulseDaily.com
Home»Security and Privacy»Windows Systems Targeted in Multi-Stage Malware Attack
Windows Systems Targeted in Multi-Stage Malware Attack
Security and Privacy

Windows Systems Targeted in Multi-Stage Malware Attack

September 12, 2023No Comments2 Mins Read
Share
Facebook Twitter LinkedIn Pinterest Email

A multi-stage malware attack has recently come to light, with Windows systems as its primary target, according to security researchers at Fortinet.

This campaign, discovered in August, employs a series of malicious tactics capable of compromising organizations in several ways.

According to a technical blog post published by Fortinet security expert Cara Lin on Monday, the attack begins with a phishing email, delivering a malicious Word document as an attachment. This document contains a deceptive image and a counterfeit reCAPTCHA to lure recipients into clicking. Once activated, the document triggers an embedded malicious link, setting the stage for the attack’s progression.

The initial loader, downloaded from a specific URL, deploys a binary padding evasion strategy, increasing the file size to 400 MB. It then unleashes a series of payloads, including OriginBotnet for keylogging and password recovery, RedLine Clipper for cryptocurrency theft and AgentTesla for harvesting sensitive information.

Read more on AgentTesla: Lokibot, AgentTesla Grow in January 2023’s Most Wanted Malware List

Lin explained that each attack stage is meticulously orchestrated to maintain persistence and evade detection. The malware employs encryption and decryption techniques, utilizing Base64 encoding, AES-CBC and AES-ECB algorithms to conceal its activities.

RedLine Clipper, one of the malicious components, specializes in cryptocurrency theft by altering the user’s system clipboard activities to replace cryptocurrency wallet addresses with those belonging to the attacker. This tactic preys on users who copy and paste wallet addresses during transactions, leading to the accidental transfer of funds to the attacker.

AgentTesla, another malware variant, is designed to log keystrokes, access the clipboard and scan disks for valuable data, all while communicating with a command-and-control (C2) server. It establishes persistence and can exfiltrate data via various communication channels.

See also  Operation Prowli Malware Infected 40,000 Machines

OriginBotnet, the third component, collects sensitive data and communicates with its C2 server, downloading additional files for keylogging and password recovery. It employs encryption techniques to obfuscate its traffic.

“The attack demonstrated sophisticated techniques to evade detection and maintain persistence on compromised systems,” Lin warned.

Organizations are urged to remain vigilant, bolster their cybersecurity defenses and educate employees on the dangers of phishing emails to mitigate their risk effectively.

Editorial image credit: rawf8 / Shutterstock.com

Source link

Attack Malware MultiStage Systems Targeted Windows
Share. Facebook Twitter Pinterest LinkedIn Tumblr Email

Related Posts

Modular macOS Stealer Uses Kill Loops to Force Password Entry

July 16, 2026

Ostium loses $18 million in oracle attack that gamed its own price-feed infrastructure

July 15, 2026

Robinhood Chain tokens are reportedly vanishing from wallets causing buyers to lose funds

July 13, 2026

Convicted scammer’s “seized” crypto moves to unknown wallets while in prison as DOJ failed to secure funds

July 13, 2026
Add A Comment
Leave A Reply Cancel Reply

Top Posts

Hong Kong Financial Secretary Claims City Outpaces Europe in Crypto Regulation

May 27, 2026

XRP On-Chain Activity Surges Despite Regulations

September 8, 2023

Unstoppable Domains and Kintsugi Global, Inc. Roll Out Web3 Identities for 2.8 Billion Anime Fans

May 27, 2023

Subscribe to Updates

Get the latest creative news From Crypto Daily Pulse directly in your Inbox!

Our mission is to develop a community of people who try to make financially sound decisions. The website strives to educate individuals in making wise choices about Crypto, ICOs, Web3, Blockchain and more.

We're social. Connect with us:

Facebook X (Twitter) Instagram Pinterest YouTube
Top Insights

‘Overly bearish and simplistic’ – Ark Invest fires back after a16z says TradFi wants blockchain, not DeFi

July 17, 2026

U.S. Senate unanimously opposes clemency for FTX founder Sam Bankman-Fried

July 17, 2026

MetaMask marks 10 years with plans to expand beyond wallets

July 17, 2026
Get Informed

Subscribe to Updates

Get the latest creative news From Crypto Daily Pulse directly in your Inbox!

  • Contact
  • Privacy Policy
  • Terms & Conditions
© 2026 Crypto Pulse Daily - All rights reserved.

Type above and press Enter to search. Press Esc to cancel.

Cleantalk Pixel
  • bitcoinBitcoin(BTC)$62,771.00-3.13%
  • ethereumEthereum(ETH)$1,830.90-4.78%
  • tetherTether(USDT)$1.00-0.01%
  • binancecoinBNB(BNB)$567.90-2.47%
  • usd-coinUSDC(USDC)$1.000.01%
  • rippleXRP(XRP)$1.08-2.76%
  • solanaSolana(SOL)$74.54-3.65%
  • tronTRON(TRX)$0.321851-0.66%
  • Figure HelocFigure Heloc(FIGR_HELOC)$1.02-1.67%
  • HyperliquidHyperliquid(HYPE)$59.24-11.11%