When you purchase through links on our site, we may earn an affiliate commission.Heres how it works.
That allows them to grab user login credentials and one-time passwords (OTP).
That allows the attackers to grab the passwords and intercept multi-factor authentication codes and one-time passwords.
The operators can also change the scripts behavior, by sending updates and instructions via a C2 server.
IBM warns that the campaign is still active and advises caution when using online banking sites and apps.
ViaBleepingComputer
