LokiBot Trojan Malware (a.k.a LukiBot, Lokibot, Loki PWS, and Loki-bot) is active again stealing sensitive information such as usernames, passwords, cryptocurrency wallets, and other credentials. It was first discovered in 2015 and has been used in attacks on and off since then but is now very active again.
The recent Cert Alert, Sept 22, 2020 has detailed info: https://us-cert.cisa.gov/ncas/alerts/aa20-266a
Among the more effective mitigations (described in the alert) for lessening the impact is the use of 2FA/MFA authentication for any services that supports it. Number four on the list of mitigations is the following bullet point:
- Enforce multi-factor authentication. See Supplementing Passwords for more information.
Security Tip (ST05-012) – Supplementing Passwords (…with MFA) https://us-cert.cisa.gov/ncas/tips/ST05-012
Green Rocket Security provides the latest in 2FA and MFA technology, everything from One-Time Password/U2F tokens to Smartphone Apps (iOS/Android) and Server/Service Backend providing a complete end-to-end multi-factor authentication solution. Contact us today for information on preventing attacks based on credential-stealing malware. https://www.greenrocketsecurity.com/contact/