This newly-discovered malware targets Windows to steal sensitive data
Don’t worry… for now
Fortinet has unveiled preliminary details of ThirdEye, a new info-stealing malware awarded a medium severity level, meaning the risk posed to victims is potentially considerable.
The company’s FortiGuard Labs discovered the stealer when it came across suspicious-looking files in a cursory review.
The good news is that the analysts believe it not to be sophisticated in nature, but even so, Fortinet suggests that the information stolen from victim machines could go on to be used for future attacks.
ThirdEye infostealer witnessed in the wild
Suspicions were raised when the team found a Russian file name in a file archive. The name, “Табель учета рабочего времени.zip,” translates to timesheet. Inside the zipped folder are two files that pose as documents, but are actually executables.
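For defenders triaging a similar delivery, the sketch below lists archive members whose names suggest a document while the content or final extension is an executable. It is an added example, not code from Fortinet or from the malware; the extension lists, function names and the sample archive are assumptions constructed for illustration.

```python
import io
import zipfile

# Assumed extension lists for illustration; tune for your environment.
DOC_EXTS = {".pdf", ".doc", ".docx", ".xls", ".xlsx", ".rtf", ".txt"}
EXE_EXTS = {".exe", ".scr", ".com", ".pif"}

def _exts(name):
    """Return the lowercase dotted extensions of a member name, in order."""
    base = name.rsplit("/", 1)[-1]
    return ["." + p for p in base.lower().split(".")[1:]]

def triage_zip(data):
    """Return {member name: [reasons]} for members that are, or hide, executables."""
    findings = {}
    with zipfile.ZipFile(io.BytesIO(data)) as zf:
        for info in zf.infolist():
            if info.is_dir():
                continue
            with zf.open(info) as fh:
                is_pe = fh.read(2) == b"MZ"  # DOS/PE magic bytes
            exts = _exts(info.filename)
            last = exts[-1] if exts else ""
            reasons = []
            if is_pe and last in DOC_EXTS:
                reasons.append("PE content behind document extension")
            if last in EXE_EXTS and any(e in DOC_EXTS for e in exts[:-1]):
                reasons.append("document extension followed by executable extension")
            if is_pe and last in EXE_EXTS and not reasons:
                reasons.append("executable delivered inside archive")
            if reasons:
                findings[info.filename] = reasons
    return findings

def build_sample():
    """Constructed sample archive: harmless placeholder bytes, not real malware."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        zf.writestr("timesheet.xlsx.exe", b"MZ" + b"\x00" * 62)
        zf.writestr("report.pdf", b"MZ" + b"\x00" * 62)
        zf.writestr("notes.txt", b"plain text")
    return buf.getvalue()

if __name__ == "__main__":
    for name, why in triage_zip(build_sample()).items():
        print(name, "->", "; ".join(why))
```

The check reads only the first two bytes of each member, so it can run on a mail gateway or file share without extracting anything to disk.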
The .exe files are designed to target Windows machines, which have long been the subject of attacks. However, recent months have seen many attackers shift their attention to Android devices, with multiple reports of malicious apps being hosted in the Play Store.
When successfully deployed, the malware steals information like BIOS and hardware data and sends it back to its C2 server.
While early versions of the malware, dating back to April, collected little more than client_hash, OS_type, host_name, and user_name, modifications a few weeks later added new parameters targeting CPU and RAM information, network interface data, and BIOS information.
Fortinet believes that the malware serves the purpose of “understanding and narrowing down potential targets,” and that it might be looking to target Russian victims given the language used and the fact that it was found on a public scanning service from the country.
Currently, the analysts aren’t overly concerned with the malware’s sophistication, but evidence of developments suggests that future versions could be even more intrusive.
With several years’ experience freelancing in tech and automotive circles, Craig’s specific interests lie in technology that is designed to better our lives, including AI and ML, productivity aids, and smart fitness. He is also passionate about cars and the decarbonisation of personal transportation. As an avid bargain-hunter, you can be sure that any deal Craig finds is top value!