New Vega Stealer malware seizes payment info from Chrome and Firefox

New malware designed to steal financial data and passwords from Chrome and Firefox has been discovered by researchers.

Proofpoint says the malicious software, called Vega Stealer, goes after payment information, saved credit card details, sensitive documents and passwords on infected machines.

Related: Internet security guide

The malware is being distributed via email, as an attachment named “brief.doc”. Some of these are being sent to individuals, but others are going to distribution lists.

Strangely enough, the people behind Vega Stealer appear to be very picky when it comes to their victims. According to the researchers, it is currently only targeting “a narrow set of companies in the Marketing/Advertising/Public Relations and Retail/Manufacturing industries”.

One of the subject lines they’ve associated with the malware reads: “Online store developer required”.

“While Vega Stealer is not the most complex or stealthy malware in circulation today, it demonstrates the flexibility of malware, authors, and actors to achieve criminal objectives,” said Proofpoint.

“Because the delivery mechanism is similar to more widely distributed and mature threats, Vega Stealer has the potential to evolve into a commonly found stealer. We will continue to monitor this threat as it propagates in the wild.”

The best way to protect yourself is by approaching all attachments with caution. If you don’t know where it came from, it’s better to ignore it.

Do you know somebody who’s been caught out by a phishing attack? Share your experiences @TrustedReviews.