New Crypto-Stealer ‘Panda’ Spread via Discord

silversurfer

Level 84
Thread author
Verified
Helper
Top poster
Content Creator
Malware Hunter
Well-known
Aug 17, 2014
7,552
Yet another new information stealer – Panda Stealer – is being spread through a worldwide spam campaign.

On Tuesday, Trend Micro researchers said that they first spotted the new stealer in April. The most recent wave of the spam campaign has had the biggest impact in Australia, Germany, Japan and the U.S.

The spam emails are masquerading as business-quote requests to lure victims into clicking on booby-trapped Excel files. The researchers found 264 files similar to Panda Stealer on VirusTotal, with some of them being shared by threat actors on Discord.

That’s not surprising, given recent trends: Cisco’s Talos cybersecurity team recently found that threat actors have infiltrated workflow and collaboration tools like Slack and Discord to slip past security and deliver info-stealers, remote-access trojans (RATs) and other malware.