Numerous enterprises and consumers across the U.S., Australia, Japan, and India have been compromised in attacks leveraging the updated ViperSoftX information-stealing malware, which features more advanced encryption approaches in addition to traditional anti-analysis techniques, The Hacker News reports.
Cracked software, key generators, and non-malicious software are being leveraged to facilitate the distribution of ViperSoftX, which conducts several checks prior to downloading an initial-stage PowerShell loader, according to a Trend Micro report. Researchers found that the second-stage PowerShell script is later decrypted and executed to install malicious browser extensions that could exfiltrate passwords and crypto wallet data from Google Chrome, Mozilla Firefox, and Microsoft Edge, as well as the Brave and Opera browsers.
"The cybercriminals behind ViperSoftX are also skilled enough to execute a seamless chain for malware execution while staying under the radar of authorities by selecting one of the most effective methods for delivering malware to consumers," said Trend Micro researcher Don Ovid Ladores.
More sophisticated ViperSoftX info stealer emerges