Qilin ransomware group targets Chrome credentials through new credential-harvesting tactic.
The Qilin ransomware group has adopted a new tactic to steal Google Chrome credentials, expanding the scope of ransomware attacks. The group gained access to a domain controller within the target's Active Directory domain, where they deployed a credential-harvesting technique using a PowerShell script to exfiltrate Chrome credentials. This method, unique to ransomware groups, could potentially harvest credentials of employees stored in Chrome browsers, leading to far-reaching implications. To protect themselves, users are advised to avoid storing passwords in web browsers, rely on third-party platforms for secure password storage, and opt for two-factor authentication or multi-factor authentication whenever possible.