
Vega Stealer

By GoldSparrow in Stealers

Vega Stealer is categorized as a Trojan that has been shown to be a heavily modified version of an older stealer called August Stealer. Both Vega Stealer and August Stealer are written in .NET and take advantage of code libraries that ship with Windows 10, Windows 8 and Windows 7, which gives them broad compatibility and limits their reliance on unsigned code. Vega Stealer may evade many AV scanners because it uses a limited volume of unsigned libraries and relies on code signed by Microsoft. PC users may come into contact with Vega Stealer when they open spam emails with subject lines that look like job offers and product delivery reports.

The Attacks by the Vega Stealer Have a Limited Scope

Vega Stealer was announced by computer security researchers in May 2018, and it was reported to differ from August Stealer in several major ways. The original Trojan was equipped with tools that extract user credentials from Web browsers like Google Chrome, Mozilla Firefox and Opera; IM clients like Skype; and email managers like Thunderbird. Vega Stealer, however, appears to be aimed solely at the latest versions of Google Chrome and Mozilla Firefox, at least for now. Once the Vega Stealer malware enters the PC, it conducts a wide scan for various file formats, including .DOC, .DOCX, .TXT, .RTF, .XLS, .XLSX and .PDF. The threat extracts the data enclosed in the targeted file formats and uploads it to a ‘Command and Control’ server. Moreover, the Vega Stealer Trojan is said to monitor network protocols used by Google and Mozilla.

The Vega Stealer May Become Part of Larger Campaigns in the Future

Many cybersecurity experts warn that Vega Stealer can easily be used to gain access to social media accounts and online banking accounts and to steal data from remote computers. Vega Stealer uses many obfuscation layers, and it is difficult to detect. It is not recommended to rely solely on the password storage of Google Chrome. You might want to install a reliable password manager with support for Google Chrome and Mozilla Firefox that can protect your credentials in an encrypted vault. Ignore spam emails, make backups regularly, keep track of your funds online and monitor the activity associated with your devices so that you can minimize the damage that threats like Vega Stealer can cause.

