New AgingFly malware used in attacks on Ukraine govt, hospitals

A new malware family called 'AgingFly' has been discovered targeting Ukrainian local government entities and hospitals. The malware is designed to steal authentication credentials from Chromium-based browsers and WhatsApp messenger, enabling threat actors to gain unauthorized access to sensitive systems and communications. The targeting of healthcare facilities alongside government networks indicates a potentially state-sponsored campaign with strategic objectives. Organizations should immediately audit browser password stores, enforce multi-factor authentication, and implement endpoint detection solutions to identify credential theft attempts. The use of a new, previously undocumented malware family suggests actors are actively evolving their toolset to evade detection while targeting critical infrastructure in Ukraine.

A new malware family named 'AgingFly' has been identified in attacks against local governments and hospitals that steal authentication data from Chromium-based browsers and WhatsApp messenger. [...]

A new malware family called 'AgingFly' has been discovered targeting Ukrainian local government entities and hospitals. The malware is designed to steal authentication credentials from Chromium-based browsers and WhatsApp messenger, enabling threat actors to gain unauthorized access to sensitive systems and communications. The targeting of healthcare facilities alongside government networks indicates a potentially state-sponsored campaign with strategic objectives. Organizations should immediately audit browser password stores, enforce multi-factor authentication, and implement endpoint detection solutions to identify credential theft attempts. The use of a new, previously undocumented malware family suggests actors are actively evolving their toolset to evade detection while targeting critical infrastructure in Ukraine. A new malware family named 'AgingFly' has been identified in attacks against local governments and hospitals that steal authentication data from Chromium-based browsers and WhatsApp messenger. [...] A new malware family named 'AgingFly' has been identified in attacks against local governments and hospitals that steal authentication data from Chromium-based browsers and WhatsApp messenger. [...]