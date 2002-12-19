Stories
Slash Boxes
Comments

SoylentNews is people

New Chrome Password Stealer Sends Stolen Data to a MongoDB Database

posted by janrinok on Monday December 02, @09:07PM   Printer-friendly
from the who-controls-the-database? dept.
Security News

upstart writes:

Submitted via IRC for SoyCow1337

New Chrome Password Stealer Sends Stolen Data to a MongoDB Database

A new Windows trojan has been discovered that attempts to steal passwords stored in the Google Chrome browser. While this is nothing unique, what stands out is that the malware uses a remote MongoDB database to store the stolen passwords.

This trojan is called CStealer, and like many other info-stealing trojans, was created to target and steal login credentials that were saved in Google Chrome's password manager.

[...] Instead of compiling the stolen passwords into a file and sending them to a C2 under the attackers control, the malware connects directly to a remote MongoDB database and uses it to store the stolen credentials. To do this, the malware includes hardcoded MongoDB credentials and utilizes the MongoDB C Driver as a client library to connect to the database.

Original Submission


«  Researchers Get a First Look at Exactly What Happens During a Chemical Reaction
New Chrome Password Stealer Sends Stolen Data to a MongoDB Database | Log In/Create an Account | Top | Search Discussion
Display Options Threshold/Breakthrough Reply to Article Mark All as Read Mark All as Unread
The Fine Print: The following comments are owned by whoever posted them. We are not responsible for them in any way.