ViperSoftX is an infostealer that has already been after crypto wallets, but its now attacking more of them, in addition to multiple web browsers - not just Google Chrome - and password managers as well.
It also has stronger code encryption now and is better at avoiding detection from antivirus tools.
It seems that now, however, ViperSoftX has extended its global reach, with Trend Micro detecting additional prominent activity in Australia, Japan, Taiwan, Malaysia and France. Enterprises and consumers alike are being targeted too. Analysts found that the malware is often hidden in software cracks and activators.
In addition to attacking many more crypto wallets now, the latest version of ViperSoftX has been found by Trend Micros to be scouring for files associated with 1Password and KeePass, and attempting to steal data related to their browser extensions.
An exploit tracked as CVE-2023-24055 does allow for stored passwords to be exported in a plain text file, but Trend Micro found now evidence that this is being used by ViperSoftX.
However, it told BleepingComputer that it could steal users' vaults in the later stages of the attack, once the malware has taken hold and extracted data from the victim's system and sent it to the threat actor.
More worringly, the new ViperSoftX uses DLL sideloading in order to be mistakenly recognized as a trusted process, thus remaining undetected by security software. It also checks to see if monitoring tools like VMWare or Process Monitor and antivirus software such as Windows Defender and ESET are present on the system before it it begins its processes.
It also uses byte mapping, a technique to encrypt its code in a way that makes it much harder to decrypt without having the correct map to do so.
- Here are the best firewall options around right now
Are you a pro? Subscribe to our newsletter
Sign up to the TechRadar Pro newsletter to get all the top news, opinion, features and guidance your business needs to succeed!
Lewis Maddison is a Staff Writer at TechRadar Pro. His area of expertise is online security and protection, which includes tools and software such as password managers.
His coverage also focuses on the usage habits of technology in both personal and professional settings - particularly its relation to social and cultural issues - and revels in uncovering stories that might not otherwise see the light of day.
He has a BA in Philosophy from the University of London, with a year spent studying abroad in the sunny climes of Malta.