Updated on 2022-11-23
VenomSoftX, a malicious Google Chrome extension, was found being deployed via cracked software. It can conduct man-in-the-browser attacks, steal cryptocurrencies, and perform other nefarious activities. Read more: ViperSoftX: Hiding in System Logs and Spreading VenomSoftX
Overview
Avast has analyzed recent changes in the operations of ViperSoftX, an infostealer that has been seen in the wild since 2019. Avast says that in recent attacks, the ViperSoftX operators have switched to using their malware to install an extension for Chromium-based browsers in order to execute a MitM attack when users visit cryptocurrency platforms to steal credentials and swap wallet addresses with one they operate. Read more: ViperSoftX: Hiding in System Logs and Spreading VenomSoftX
