White Snake to Steal Credit Cards CVC Codes from Chrome

The White Snake malware has been updated to take advantage of a new feature in the latest Google Chrome version. This update lets malware steal CVC codes from credit cards saved in browsers, posing a serious online security threat, according to reports on X.

• Alert
• Vulnerabilities

Eight New ICS Advisories released by CISA

By infosecbulletin / Saturday , December 21 2024

CISA has released eight advisories on vulnerabilities in Industrial Control Systems (ICS). These vulnerabilities affect essential software and hardware in...

Read More

• Cyber Attack
• Ransomware

Authority Denies
Hacker claim ransomware attack on Indonesia’s state bank BRI

By infosecbulletin / Friday , December 20 2024

Bank Rakyat Indonesia (BRI), the largest state bank by assets, has assured customers that their data and funds are secure...

Read More

• Data Breach

London-based company “Builder.ai” reportedly exposed 1.2 TB data

By infosecbulletin / Friday , December 20 2024

Cybersecurity researcher Jeremiah Fowler reported to Website Planet that he found a non-password-protected 1.2 TB dataset containing over 3 million...

Read More

• Alert
• Vulnerabilities

(CVE-2024-12727, CVE-2024-12728, CVE-2024-12729)
Sophos resolved 3 critical vulnerabilities in Firewall

By infosecbulletin / Friday , December 20 2024

Sophos has fixed three separate security vulnerabilities in Sophos Firewall.  The vulnerabilities CVE-2024-12727, CVE-2024-12728, and CVE-2024-12729 present major risks, such...

Read More

• Event
• National

“Workshop on Cybersecurity Awareness and Needs Analysis” held at BBTA

By infosecbulletin / Thursday , December 19 2024

A time-demanding workshop on "Cybersecurity Awareness and Needs Analysis" was held on Thursday (December 19) at Bangladesh Bank Training Academy...

Read More

• Alert
• Vulnerabilities

CVE-2023-48788
Kaspersky reveals active exploitation of Fortinet Vulnerability

By infosecbulletin / Thursday , December 19 2024

Kaspersky's Global Emergency Response Team (GERT) found that attackers are exploiting a patched SQL injection vulnerability (CVE-2023-48788) in Fortinet FortiClient...

Read More

• Hot Topic
• International

U.S. Weighs Ban on Chinese-Made Router TP-Link: WSJ reports

By infosecbulletin / Wednesday , December 18 2024

The US government is considering banning a well-known brand of Chinese-made home internet routers TP-Link due to concerns that they...

Read More

• Daily Security Update

Daily Security Update Dated: 18.12.2024

By infosecbulletin / Wednesday , December 18 2024

Every day a lot of cyberattack happen around the world including ransomware, Malware attack, data breaches, website defacement and so...

Read More

• Uncategorized

CISA released best practices to secure Microsoft 365 Cloud environments

By infosecbulletin / Wednesday , December 18 2024

CISA has issued Binding Operational Directive (BOD) 25-01, requiring federal civilian agencies to improve the security of their Microsoft 365...

Read More

• Uncategorized

Data breach! Ireland fines Meta $264 million, Australia $50m

By infosecbulletin / Wednesday , December 18 2024

The Irish Data Protection Commission fined Meta €251 million ($263.6 million) for GDPR violations related to a 2018 data breach...

Read More

Chrome’s New Feature Draws Attention:

Google Chrome version 129, released on September 17, 2024, added new features for a better user experience.

One such feature is the ability to store CVC codes from credit cards directly within the browser for easier online transactions.

This feature was meant to simplify payments but has unintentionally drawn the attention of cybercriminals and infostealer developers.

White Snake Malware Update:

White Snake has swiftly adapted to this new opportunity. Malware developers have improved their tools to target and extract stored CVC codes from victims’ browsers. This upgrade enables White Snake to collect full credit card information, facilitating fraud and theft for cybercriminals.

White Snake’s use of the new Chrome feature highlights the ongoing struggle between software developers and cybercriminals. Users should be careful when storing sensitive information in browsers and consider using password managers or secure payment platforms instead.

Cybersecurity experts advise users to keep their security software updated and stay alert for any suspicious account activity. Google will fix this vulnerability in future updates, but users should take steps now to protect their financial information.