VenomSoftX, part of the ViperSoftX exploit ecosystem and a lesser-known malware that began operating in 2020, has been continuously exploiting the Google Chrome browser, according to a recent report by malware protection service provider Avast. The malware reportedly captures content from the clipboard and steals information from the target computers.
ViperSoftX has gone through an extensive transformation over the years, and in 2022 it strengthened its information-stealing and evasion capabilities, making it more powerful and effective. Among its features, the malware can remotely install a malicious Google Chrome extension on affected devices, steal cryptocurrency details, and compromise data stored in the browser.
ViperSoftX infection attempts
According to the report, the researchers detected and blocked around 93,000 ViperSoftX infection attempts. Most of the incidents were directed at users in a range of countries, such as the United States, Italy, India, and Brazil. The attempts didn't follow any known attack pattern, which rules out cyber espionage activity by the threat actor.
However, the malware is still very proficient in its techniques and has made its way to users via torrent download websites, where users can download games, videos, and premium cracked versions of paid software, keys, and activators. Once the exploit has been planted, the malware moves into action and retrieves information from the victim's devices. The two cases where the threat actor used the malware to hardcode its crypto wallet addresses resulted in a loss of funds from the victims' devices.