Beware of virus stealing credit card data saved on Google
According to a recent study, credit card data saved in the Google browser is at risk.
A new module of the now well-known Emotet virus appears to be exposing information stored in the Chrome browser.
Also in the crosshairs are all the passwords stored in the browser for quick access to the respective sites and bank accounts.
Thanks to the Proofpoint Threat Insights team of cybersecurity analysts, it has been possible to reconstruct how Emotet manages to steal this information.
Initially, the virus limits itself to retrieving card information: the name on the card, the card number, the expiration date and the related CVV code.
Finally, Emotet sends this information to a remote command-and-control (“C2”) server, making it much more complicated to trace back to the perpetrators of the fraud.
This variant is also not limited to stealing your credit card information: in the absence of interesting financial information, it can play the role of a trojan.
Emotet can in fact act as a bridge for the installation of other malware, especially ransomware, which eventually demands a cash ransom from you or your company.
How the Emotet virus spreads
The spread of this new variant of Emotet is decidedly classic: it travels through apparently genuine and authoritative emails.
Sometimes it even arrives through PECs (certified email) and apparently incensed email addresses, in messages containing deceptive and dangerous attachments; the purpose is always to trick you.
So once again it exploits the reluctance of people and companies to adapt their information technology.
Once again, those who refuse to switch to cloud-based mail (such as Gmail) out of fear of change turn out to be the easiest prey for hackers.
What are the origins of this virus?
There are several conflicting opinions on the origins of the Emotet virus, which first appeared in 2014 with the sole purpose of stealing banking data.
With the addition of new modules, it has become more versatile and suitable for a variety of other purposes, always geared toward extortion, blackmail, and theft of money.
Several intelligence agencies believe that Russian hackers are behind the development and spread of this virus; however, there are no certainties of any kind.
How can I defend myself against this virus?
The best way to deal with this kind of danger is to stay up to date with technology, from a technical and practical standpoint as well as in terms of personal knowledge.
Considering that the virus spreads mostly via email attachments, it goes without saying that using a cloud service for mail would in itself stop 99.9% of potential attacks.
Personal and employee knowledge is also necessary to cover the remaining percentage: it is important to be able to recognize anomalies.
It is those small details that betray the virus; knowing where to look and what to watch for helps defend against cybercrime.
Conversely, a distracted or unaware user will end up randomly clicking on any catchy icon or image, without understanding the consequences.
How can I remove Emotet if I have been infected?
If you are certain that you have been infected by Emotet, it is probably because your account or credit card has already been emptied.
In this case, you can perform a removal using one of the various tools made available by cybersecurity software houses.
One of them is EnigmaSoftware’s SpyHunter.
It can remove every trace of the virus from your PC: files, folders, registry keys and backdoors.
If, on the other hand, you are in trouble and don’t know how to solve it, we at Made can intervene directly at your company; in that case, do not hesitate to contact us.