Computer users who use Google Chrome as their search engine should beware a new malware strain that can steal saved credit card details from the internet browser.
The new malware that has been dubbed ‘Vega Stealer’ is a variant of the ‘August Stealer’ malware discovered in December 2016.
The new malware is being distributed through a spam e-mail campaign where it tries to trick people into clicking on it with subject lines likes ‘online store developer required’.
The email includes a Microsoft document called ‘brief.doc’ that contains malicious macros that deliver the Vega Stealer payload.
Once the malware has infected your computer, it starts to steal data from the desktop and relays it to a remote command and control centre. The data can include passwords, documents, and even credit card details of the computer user.
Security experts from Proofpoint who discovered the malware have warned Google Chrome users to be particularly vigilant about suspicious emails.
Proofpoint said: ‘While Vega Stealer is not the most complex or stealthy malware in circulation today, it demonstrates the flexibility of malware, authors, and actors, to achieve criminal objectives.
‘Because the delivery mechanism is similar to more widely distributed and mature threats, Vega Stealer has the potential to evolve into a commonly found stealer.
‘Vega Stealer could have longer lasting impacts if further developed and distributed. Due to the distribution and lineage, this threat may continue to evolve and grow.’
Considering that Google Chrome currently have around 62 per cent of the World’s search engine market according to the latest NetMarketShare stats, the threat is considerable.
The best way to stay safe from malware is to ensure that you never click on emails that looks in any way suspicious. Particularly if the email is allegedly from a well-known company but the email is not registered to their official domain.