Emansrepo Malware: HTML Files Weaponized Against Windows Users

TLDR:

  • Emansrepo malware weaponizing HTML files to attack Windows users
  • Malware discovered by FortiGuard Labs in August 2024

Emansrepo, a Python infostealer, has been weaponizing HTML files to attack Windows users. FortiGuard Labs discovered the malware in August 2024; it started operating in November 2023, sending exfiltrated data to the attacker’s email. Since then the attack flow and the means of data extraction have evolved, and the attackers now target non-Python users as well. The malware operates in three phases: harvesting user data, extracting PDFs, and exfiltrating browser cookies. The attack chain involves multiple stages of infection, including the use of Python malware for data exfiltration. A connected campaign utilizing Remcos has also been identified, highlighting the critical need for robust cybersecurity measures.
