The Vcrums malware targets browsers and popular apps

Vcrums can deploy malware into your device and control it


Updated on March 14, 2024


Fortinet’s FortiGuard Labs discovered the Vcrums malware. The cybercriminals behind the malware used email as their command and control center. They uploaded their malicious files to Amazon Web Services (AWS) and GitHub and, to avoid detection, used a commercial protector. They are also using a phishing campaign to lure users into installing the malware.

How does the Vcrums malware work?

The operators of the Vcrums malware target devices with Java installed, and a successful infiltration into the system grants them full control over it. To spread the Vcrums and StrRAT malware, threat actors trick users into downloading a malicious Java client by sending what seems to be a legitimate email. Also, they disguise the email as an urgent recipient. On top of that, StrRAT acts as a ransomware attack. However, instead of encrypting and locking data, it steals it.

Once you download the Java content of the email, the Vcrums malware starts installing and executing additional malicious JAR files. By doing this, cybercriminals expand their control over your device. The Vcrums malware can also monitor you and use password recovery tools and keyloggers to steal your login information. Additionally, it steals information from popular browsers such as Chrome, Brave, Edge, Vivaldi, Opera, OperaGX, and Firefox, and from applications like Discord and Steam.

Ultimately, Vcrums comes bundled with StrRAT and several other pieces of malware. It disguises itself as a common file format, such as .jpg, and uses obfuscation services to avoid detection. On top of that, the malware can send data through emails and install more files. Thus, to defend against the Vcrums malware, always verify the source of your emails. Furthermore, according to Fortinet, you should consider deploying updated security solutions. In addition, the company recommends you perform network segmentation.
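One way a defender can check for the disguise described above is to compare a file's extension with its actual content. The following Python sketch is an added example, not code from Fortinet or from this article; it assumes the disguise is an image extension on a file that is really a Java archive, and all file names and sample bytes in it are constructed.

```python
import io
import tempfile
import zipfile
from pathlib import Path

# Extensions that should never contain a Java archive (list chosen for this example).
IMAGE_EXTS = {".jpg", ".jpeg", ".png", ".gif", ".bmp"}


def classify(path):
    """Return 'jar' or 'zip' if an image-named file is really an archive, else None."""
    if Path(path).suffix.lower() not in IMAGE_EXTS:
        return None
    # is_zipfile() searches for the ZIP end-of-central-directory record, so it
    # also catches an archive appended after a real image header (polyglot).
    if not zipfile.is_zipfile(path):
        return None
    try:
        with zipfile.ZipFile(path) as zf:
            names = zf.namelist()
    except zipfile.BadZipFile:
        return "zip"  # trailer found but archive unreadable: still a mismatch
    if "META-INF/MANIFEST.MF" in names or any(n.endswith(".class") for n in names):
        return "jar"
    return "zip"


def scan(root):
    """Walk root and return {relative path: verdict} for every mismatched file."""
    root = Path(root)
    found = ((p.relative_to(root).as_posix(), classify(p))
             for p in sorted(root.rglob("*")) if p.is_file())
    return {name: verdict for name, verdict in found if verdict}


def demo():
    """Scan constructed sample files: a plain image, a renamed JAR, a polyglot."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        zf.writestr("META-INF/MANIFEST.MF", "Manifest-Version: 1.0\n")
        zf.writestr("Main.class", b"\xca\xfe\xba\xbe")
    jar, jpeg = buf.getvalue(), b"\xff\xd8\xff\xe0" + b"\x00" * 32 + b"\xff\xd9"
    with tempfile.TemporaryDirectory() as d:
        root = Path(d)
        (root / "photo.jpg").write_bytes(jpeg)       # image bytes only
        (root / "invoice.jpg").write_bytes(jar)      # JAR with an image extension
        (root / "scan.png").write_bytes(jpeg + jar)  # image header followed by a JAR
        (root / "lib.jar").write_bytes(jar)          # honest extension, not reported
        return scan(root)
```

Calling `scan()` on a downloads or mail-attachment directory lists image-named files that would load as a JAR; `demo()` runs the same check on the constructed samples.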

What are your thoughts? Do you have the latest security solutions to protect you from Vcrums? Let us know in the comments.


Sebastian Filipoiu

Sebastian is a content writer with a desire to learn everything new about AI and gaming. So, he spends his time writing prompts on various LLMs to understand them better. Additionally, Sebastian has experience fixing performance-related problems in video games and knows his way around Windows. Also, he is interested in anything related to quantum technology and becomes a research freak when he wants to learn more.
