Vega Stealer, the malware that steals passwords from Chrome and Firefox

Computer security researchers have discovered a new malware that can steal all user data on Chrome and Firefox web browsers

Computer security researchers at Proofpoint have discovered new malware, called Vega Stealer, that is designed to collect users' banking data and credit card credentials saved in the Google Chrome and Mozilla Firefox web browsers.

Vega Stealer is a new variant of the August Stealer crypto-malware, a previously identified virus that steals credentials, sensitive documents, cryptocurrency wallets and other information that users store in the two popular web browsers. At the moment, Vega Stealer is only being used in small phishing campaigns, but researchers believe that in the near future the malware may become a major player in serious attacks on large companies and SMBs. Proofpoint researchers, in particular, have found phishing campaigns spreading Vega Stealer that are designed to target the marketing departments of several large retail companies.

How the password stealing virus works

The malicious emails used to spread the virus contain an attachment called "brief.doc" which, when downloaded, activates the malicious code responsible for the Vega Stealer malware. Once downloaded, the malware obtains administrator credentials and is therefore able to perform any action it wants. This way Vega Stealer can steal information such as passwords, credit card numbers and other payment information, cookies and much more. On Mozilla Firefox, on the other hand, the malware collects specific files, "key3.db", "key4.db", "logins.json" and "cookies.sqlite", in which all our passwords are stored. At the moment, it is still unclear whether an organized group of cyber criminals is behind this new attack, although some parts of the code can be traced back to the developers of the Emotet banking trojan.
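The Firefox file list above can be turned into a detection. The following is an added example, not code from the article or from Proofpoint: it flags any process other than the installed browser that reads those profile files. The event fields `pid`, `image` and `target`, the allowed Firefox install path and the sample events are assumptions constructed for illustration.

```python
import ntpath
from collections import defaultdict

# Firefox profile files the article names as collected by Vega Stealer.
WATCHED = {"key3.db", "key4.db", "logins.json", "cookies.sqlite"}
PROFILE_MARKER = "\\mozilla\\firefox\\profiles\\"
# Assumption: the only image expected to read these files on this endpoint.
# Full path, not basename, so a copy named firefox.exe elsewhere still alerts.
ALLOWED_IMAGES = {r"c:\program files\mozilla firefox\firefox.exe"}


def _norm(path):
    """Normalize a Windows path for comparison (separators and case)."""
    return ntpath.normpath(path).lower()


def suspicious_reads(events, allowed=ALLOWED_IMAGES):
    """Map (pid, image) -> watched files read by images outside `allowed`."""
    hits = defaultdict(set)
    for ev in events:  # hypothetical normalized file-access events
        target, image = _norm(ev["target"]), _norm(ev["image"])
        name = ntpath.basename(target)
        if name in WATCHED and PROFILE_MARKER in target and image not in allowed:
            hits[(ev["pid"], image)].add(name)
    return dict(hits)


def alerts(events, min_files=2):
    """One process reading several watched files is the stronger signal."""
    return sorted(
        (pid, image, sorted(files))
        for (pid, image), files in suspicious_reads(events).items()
        if len(files) >= min_files
    )


PROFILE = r"C:\Users\amy\AppData\Roaming\Mozilla\Firefox\Profiles\ab12.default"
# Constructed sample events, not real telemetry.
SAMPLE_EVENTS = [{"pid": p, "image": i, "target": PROFILE + t} for p, i, t in [
    (4120, r"C:\Program Files\Mozilla Firefox\firefox.exe", r"\logins.json"),
    (7788, r"C:\Users\amy\AppData\Local\Temp\firefox.exe", r"\key4.db"),
    (7788, r"C:\Users\amy\AppData\Local\Temp\firefox.exe", "/LOGINS.JSON"),
    (9001, r"C:\Tools\backup.exe", r"\cookies.sqlite"),
]]
```

With the default threshold only the process in the Temp directory alerts; lowering `min_files` to 1 also surfaces single-file readers such as backup tools, which then need their own allowlist entries.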

How to defend yourself against the password-stealing virus

In order not to get infected with Vega Stealer, it is imperative first of all to avoid downloading email attachments if you are not sure where they come from. If you receive email messages from strange addresses, or notice serious errors in the body of the text, contact the sender and verify that they actually sent the message. Do not forget to update your antivirus regularly, so that with a simple scan the software can track down and block malware.