Fortinet researchers have discovered a new strain of malware called “RedLine,” which is used to steal information and credentials. Attackers exploit COVID-19 Omicron news to lure people to the malware.
The RedLine Stealer variant steals stored credentials for VPN applications such as NordVPN, OpenVPN and ProtonVPN. Fortinet explained that threat actors have previously used COVID-related emails to spread RedLine Stealer variants. The malware was embedded in a document designed to be opened by a victim.
Commenting on the growth of the malware, Fortinet noted, “The malware emerged just as the world began to deal with increased numbers of COVID patients and the growing fear and uncertainty that can cause people to lower their guard, which may have prompted its developers to use COVID as its lure.”
“Based on the information collected by FortiGuard Labs, potential victims of this RedLine Stealer variant are spread across 12 countries. This indicates that this is a broad-brush attack and that the threat actors did not target specific organizations or individuals,” Fortinet explained
For more information, read the original story in ZDNet.