By Penny Smith
The country’s cybersecurity authority is alerting approximately 26,000 individuals about malware that possesses the capacity to appropriate sensitive information, including email addresses and passwords.
The national cybersecurity agency of New Zealand is issuing a stark warning to tens of thousands of residents, informing them that their devices may fall victim to pernicious software.
On Wednesday, the National Cyber Security Centre (NCSC) dispatched emails to around 26,000 recipients, cautioning them about the Lumma Stealer malware, specifically engineered to pilfer sensitive data such as email addresses and passwords.
Alarmingly, some of the compromised passwords were linked to governmental and banking systems.
Michael Jagusch, chief operating officer of the NCSC, remarked that this was the inaugural instance of the agency reaching out to such a substantial number of individuals.
“We have collaborated with various New Zealand government bodies and financial institutions to safeguard their impacted clients. Nevertheless, there exists a considerable cohort of users we must now contact directly,” he stated.
“While malware of this nature is relatively ubiquitous, the scale of individuals affected in New Zealand underscores the necessity for these extensive outreach efforts.”
Lumma Steerer was strategically crafted to evade detection, with a tendency to infect devices operating on Microsoft Windows.
“The malware’s intent is to furnish cybercriminals with information that could facilitate unauthorized access to accounts, with the ultimate aim of financial theft,” Jagusch elucidated.
“Furthermore, the information may be exploited for additional assaults … Cybercriminals could customize phishing attacks aimed at you and your family.”
Jagusch indicated that it is improbable that the affected individuals were specifically targeted.
“More than likely, these individuals unwittingly downloaded the software by clicking on a link in a phishing email or retrieving it from a compromised site,” he detailed.
He further noted that Lumma Stealer is available for acquisition on the dark web.
“The commercialization of cybercrime has escalated, ensuring that malware like this can be procured by anyone across the globe,” he asserted.
The NCSC identified the attack through an international threat-sharing forum.
The agency encourages those receiving the alert to visit its Own Your Online website for guidance on recognizing and eradicating the malware, or to consult an IT professional for assistance.
Source link: Rnz.co.nz.
