The new Zloader banking malware can steal your sensitive data. Check Point Research (CPR), the first security firm that discovered this virus, said that it is being used by the Malsmoke hacking group.

Zloader Banking Malware Uses Microsoft E-Signature Tool Vulnerability to Steal Sensitive Credentials

This cybercrime group uses the new banking malware to abuse a flaw in Microsoft's popular e-signature verification system. Combining the vulnerability with the malware allows them to steal consumers' sensitive information.

"Previous Zloader campaigns, which were seen in 2020, used malicious documents, adult sites, and Google ads to infect systems," said Check Point Research via its official blog post.

The giant security firm continued its observation in November 2021 and discovered that Zloader is being used again by the Malsmoke hacking group.

Zloader Banking Malware's Severity 

According to ZDNet's latest report, the new banking malware has already affected around 2,100 people in different countries. The majority of the victims are in the United States, India, and Canada. 


At the moment, CPR said it sees the malicious campaign in around 111 countries. When Zloader was first discovered, malicious actors were using it as a Trojan to steal banking credentials.

Because of this, it was closely connected to other ransomware models. On the other hand, the campaign Check Point Research describes works using a legitimate remote management software called Atera.

Zloader uses this system as a springboard to infect other systems.

Microsoft E-Signature Verification's Flaws 

CPR's security experts confirmed three vulnerabilities in Microsoft's e-signature verification tool that are being exploited by the new banking malware. 

These include the following: 

  • CVE-2020-1599
  • CVE-2013-3900
  • CVE-2012-0151

Microsoft explained that updates to fix these flaws were already released. However, they are not installed by default. This means that consumers who do not download the updates manually will certainly be affected by the new computer virus.

In other news, another malware called RedLine was able to breach more than 400,000 accounts. Meanwhile, T-Mobile's system was recently breached using the so-called SIM swapping method.


This article is owned by TechTimes

Written by: Griffin Davis

ⓒ 2024 TECHTIMES.com All rights reserved. Do not reproduce without permission.