GraceWire Trojan
The GraceWire Trojan is a threatening piece of malware that focuses on collecting data from computers. In the past, the GraceWire Trojan has been used by high-profile threat actors such as the Evil Corp (also known as Dridex). It seems that the same threat actors are spreading the GraceWire Trojan once again. This time, they have opted to reach their victims by using fake COVID-19 emails that claim to contain important data regarding the ongoing pandemic. The email attachment usually uses the '.XLS' or '.XLSX' extensions, and it contains a decoy document combined with a corrupted macro script that is dedicated to unleashing the GraceWire Trojan payload.
In the past, the GraceWire Trojan has been spread via similar attachments that usually were focused on fake invoices and important documents that the recipient may be eager to review. Regardless of the tricks used, the results of getting infected by the GraceWire Trojan are always devastating.
This Trojan does not raise any red flags when it comes to computer behavior and performance, and users are unlikely to notice anything strange. While the GraceWire Trojan is active, it will seek out login credentials, cookies and other sensitive data to collect. It also is capable of scanning the hard drive for specific file names and then transfer copies of these files to the Command and Control server.
While the GraceWire Trojan is a very advanced threat, certainly, you can rest assured that it will not bother you if you make sure to protect your computer with an up-to-date anti-malware software suite.
Leave a Reply
Please note that we are not able to assist with billing and support issues regarding SpyHunter or other products. If you're having issues with SpyHunter, please get in touch with SpyHunter customer support through your SpyHunter . If you have SpyHunter billing questions, we recommend you check the Billing FAQ. For general suggestions or feedback, contact us.