FormBook Data Stealer Sold on Hacking Forums is Used In Targeted Attacks
Security researchers, have found a series of malware (dubbed FormBook) attacks primarily targeting aerospace, defense contractors, and manufacturing in many countries, including the USA, Thailand and South Korea. They found that the PDF and DOC/XLS documents were largely used to target organizations.
FormBook malware was created to steal data from the infected computers, including keystrokes, clipboard contents, HTTP/HTTPS/SPDY/HTTP2 web forms and network requests, passwords from web browsers and email clients, and screenshots, and transfer it to the attacker server.
Anyone on the internet can rent FormBook malware for only $29 per 7 days or $59 per 30 days, which gives a variety of advanced spying abilities on target computers, including a keylogger, password stealer, network sniffer, taking the screenshots, web form data stealer and much more.
FormBook is a data stealer and form grabber that has been sold in many hacking forums since early 2016. It was seen downloading other malware families such as NanoCore. The credentials and other information collected by successful FormBook infections could be used for additional cybercrime activities.