{"id":162793,"date":"2023-04-25T06:22:19","date_gmt":"2023-04-25T11:22:19","guid":{"rendered":"https:\/\/lifeboat.com\/blog\/2023\/04\/new-all-in-one-evilextractor-stealer-for-windows-systems-surfaces-on-the-dark-web"},"modified":"2023-04-25T06:22:19","modified_gmt":"2023-04-25T11:22:19","slug":"new-all-in-one-evilextractor-stealer-for-windows-systems-surfaces-on-the-dark-web","status":"publish","type":"post","link":"https:\/\/lifeboat.com\/blog\/2023\/04\/new-all-in-one-evilextractor-stealer-for-windows-systems-surfaces-on-the-dark-web","title":{"rendered":"New All-in-One \u201cEvilExtractor\u201d Stealer for Windows Systems Surfaces on the Dark Web"},"content":{"rendered":"<p><a class=\"aligncenter blog-photo\" href=\"https:\/\/lifeboat.com\/blog.images\/new-all-in-one-evilextractor-stealer-for-windows-systems-surfaces-on-the-dark-web2.jpg\"><\/a><\/p>\n<p>A new \u201call-in-one\u201d stealer malware named <strong>EvilExtractor<\/strong> (also spelled Evil Extractor) is being marketed for sale for other threat actors to steal data and files from Windows systems.<\/p>\n<p>\u201cIt includes several modules that all work via an FTP service,\u201d Fortinet FortiGuard Labs researcher Cara Lin <a href=\"https:\/\/www.fortinet.com\/blog\/threat-research\/evil-extractor-all-in-one-stealer\" rel=\"noopener\" target=\"_blank\">said<\/a>. \u201cIt also contains environment checking and Anti-VM functions. Its primary purpose seems to be to steal browser data and information from compromised endpoints and then upload it to the attacker\u2019s FTP server.\u201d<\/p>\n<p>The network security company said it observed a surge in attacks spreading the malware in the wild in March 2023, with a majority of the victims located in Europe and the U.S. While marketed as an educational tool, EvilExtractor has been adopted by threat actors for use as an information stealer.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>A new \u201call-in-one\u201d stealer malware named EvilExtractor (also spelled Evil Extractor) is being marketed for sale for other threat actors to steal data and files from Windows systems. \u201cIt includes several modules that all work via an FTP service,\u201d Fortinet FortiGuard Labs researcher Cara Lin said. \u201cIt also contains environment checking and Anti-VM functions. Its [\u2026]<\/p>\n","protected":false},"author":427,"featured_media":0,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[34,32],"tags":[],"class_list":["post-162793","post","type-post","status-publish","format-standard","hentry","category-cybercrime-malcode","category-education"],"_links":{"self":[{"href":"https:\/\/lifeboat.com\/blog\/wp-json\/wp\/v2\/posts\/162793","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/lifeboat.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/lifeboat.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/lifeboat.com\/blog\/wp-json\/wp\/v2\/users\/427"}],"replies":[{"embeddable":true,"href":"https:\/\/lifeboat.com\/blog\/wp-json\/wp\/v2\/comments?post=162793"}],"version-history":[{"count":0,"href":"https:\/\/lifeboat.com\/blog\/wp-json\/wp\/v2\/posts\/162793\/revisions"}],"wp:attachment":[{"href":"https:\/\/lifeboat.com\/blog\/wp-json\/wp\/v2\/media?parent=162793"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/lifeboat.com\/blog\/wp-json\/wp\/v2\/categories?post=162793"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/lifeboat.com\/blog\/wp-json\/wp\/v2\/tags?post=162793"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}