Published: June 19, 2022 on our newsletter Security Fraud News & Alerts Newsletter.
A malware that’s been around for two years is still wreaking havoc on Windows devices. Although a patch for Internet Explorer’s (IE) browser has been available for more than a year, many Android users have yet to apply it. As a result, the malware known as RedLine Stealer is finding those unpatched devices using IE. This allows RedLine Stealer to do what it does best, steal all data stored in the browser. Recently, the malware also unleashed a massive spam email campaign you’ll want to avoid, too.
A vulnerability found in IE (CVE-2021-26411) was made public last year, and a patch for the flaw was also issued at the time. Only users who haven’t yet applied the security patch are vulnerable to RedLine Stealer. Although data stored in a browser is encrypted, RedLine decrypts all of the contents. Other than applying the security patch – and quickly, those using IE have another decision to make very soon.
With the end of IE 11 (the last major update version) quickly approaching on June 15 of 2022, the browser will no longer be supported. In the meantime, RedLine Stealer could be targeting your unpatched Windows device next.
RedLine Stealer Crosses The Red Line
Now being leased as malware-as-a-service for $100 a pop ($800 for a lifetime subscription), RedLine Stealer pilfers everything from IE browsers. The stolen data includes PII like usernames, credit cards, cookies, FTP credentials, chat logs, files, VPN login credentials, cryptocurrency wallet contents, and other personal and valuable data.
As of last month, this malware added new features and a massive email spam campaign to its arsenal. RedLine hides in the spam email’s attachment, a reminder not to open attachments unless you’re absolutely sure the sender is safe. Also be sure to avoid any attachments or links that are not expected. Taking the risk may end up being one your regret.
RedLine also recently upped its game to include making downloads, running other malware, taking screenshots of active Windows’ screens, and executing additional commands.
Microsoft Build’s website tells us what happens when the IE browser is no longer supported, saying “Upon retirement or end of support, there will be no new security updates, non-security updates, free or paid assisted support options or online technical content updates.” For those still holding onto IE, it’s time to get comfortable with a new browser.