Latrodectus and ACR Stealer Observed Spreading via Google Authenticator Phishing Site
The phishing site tricks users into downloading a malicious file disguised as Google Authenticator, which then drops the two malware components. The ACR Stealer exfiltrates data to a C&C server, while Latrodectus maintains persistence on the machine.
Cyware News – Latest Cyber News – Read More