Hackers linked to Vietnamese-speaking cybercriminal groups have stolen sensitive data from thousands of victims across the world as part of an ongoing cybercrime campaign that uses the messaging platform Telegram to automate the resale of compromised information, researchers have found.
According to new reports by Beazley Security Labs and SentinelLabs, the attackers have used a Python-based malware called PXA Stealer to collect passwords, financial credentials, browser cookies and cryptocurrency wallet data from infected devices in at least 62 countries, including the United States, South Korea, the Netherlands, Austria and Hungary.
The campaign is “rapidly evolving,” the research teams jointly said, adding that “PXA Stealer, and the threat actors behind it, continue to feed the greater infostealer ecosystem.”
