A new credential-stealing botnet known as Zaraza bot is being advertised on a well-known Russian Telegram channel. It can steal sensitive data, including login details from 38 well-known web browsers, and it misuses Telegram to get around security measures. According to the Uptycs research team, Zaraza bot scans the infected machine for a list of 38 different browsers, including Microsoft Edge, Google Chrome, Brave, Opera, Yandex, Vivaldi, and AVG Browser.
It steals login information for bank accounts, email accounts, cryptocurrency wallets, and other financial websites. To steal passwords, it targets particular databases and files inside the browser. If the login information is encrypted, Zaraza decrypts it before stealing it.