ViperSoftX is an information-stealing malware that steals various data from infected computers. The malware is also known to install a malicious extension named VenomSoftX on the Chrome browser.
In the latest version analyzed by Trend Micro, the targeted browsers now include Brave, Edge, Opera, and Firefox too.
The malware was
first documented in 2020 as a JavaScript-based RAT (remote access trojan) and cryptocurrency hijacker. However, in November 2022,
Avast reported that ViperSoftX was circulating a new, much more potent version.
Avast said at the time that it had detected and stopped 93,000 attacks against its clients between January and November 2022, with most victims residing in the U.S., Italy, Brazil, and India.
This week, Trend Micro reported that ViperSoftX targets both the consumer and enterprise sectors, with Australia, Japan, the United States, India, Taiwan, Malaysia, France, and Italy accounting for over 50% of the detected activity.
Based on the analysts' observations, the malware typically arrives as software cracks, activators, or key generators, hiding within benign-appearing software.
