Google Docs tapped by ACRStealer malware for C2

Attacks involved the retrieval and decoding of the legitimate C2 domain in base64, enabling ACRStealer to exfiltrate browser data, FTP credentials, text files, emails, chat logs, remote access program information, password manager details, VPN data, browser extension information, and database details, according to findings from AhnLab Security Intelligence Center researchers.SCM feed for Endpoint/Device SecurityRead More