Stresspaint Malware Steals Facebook Credentials and Session Cookies

[LASER_oneXM]

Content source

https://www.bleepingcomputer.com/news/security/stresspaint-malware-steals-facebook-credentials-and-session-cookies/

Security researchers have spotted a new information stealer that collects Chrome login data from infected victims, along with session cookies, and appears to be looking for Facebook details in particular, according to a Radware threat alert the company shared with this reporter.

The new trojan, named Stresspaint, has been found hidden inside a free Windows application named "Relieve Stress Paint," distributed via аоӏ.net —a domain that uses Unicode characters, which when converted to Punycode spell out xn--80a2a18a.net, instead of the real aol.net.
Radware believes crooks are using email and Facebook spam to direct users to this misleading website.
....
....
...

 

[ForgottenSeer 69673]

Looks like only Chrome users are effected? It also sounded like most AV's detect this now?

 

[silversurfer]

Sample available here:
https://malwaretips.com/threads/stresspaint-malware.82119/#post-728419