Symantec experts have analyzed a new version of this old threat

Apr 13, 2013 13:31 GMT

Security firm Symantec has uncovered a spam campaign that’s designed to distribute Spyware.Redpill, a threat that can help cybercriminals steal information, including bank account details, social media website credentials, emails and documents.

The malware is distributed as an email attachment. When the file is executed, the victim is presented with an error message that claims the “data file is corrupted.”

In the background, the malware is installed and it starts collecting information.

To ensure that the malicious component is executed each time the computer starts, the malware creates registry entries.

The information stolen by Redpill is sent back to an email account that’s hardcoded into the malware. In March 2013 alone, 12,000 emails were sent to that address.

Initially, Redpill was developed to collect information that would help users learn if their partners were cheating on them. However, its purpose has clearly changed since then.