Cybersecurity

Latrodectus and ACR Stealer Observed Spreading via Google Authenticator Phishing Site

The phishing site tricks users into downloading a malicious file disguised as Google Authenticator, which then drops the two malware components. The ACR Stealer exfiltrates data to a C&C server, while Latrodectus maintains persistence on the machine.