New Nation State Malware Targets Browsers
A suspected nation state attacker is deploying a new Windows malware variant called Airstalk, possibly as part of a supply chain attack.
[Airstalk] uses the API to establish a covert command-and-control (C2) channel, primarily through the AirWatch feature to manage custom device attributes and file uploads.
According to Palo Alto Networks' researchers, Airstalk leverages the AirWatch API for mobile device management and is able to harvest cookies, browsing history, bookmarks, and screenshots from web browsers.
- The malware appears in both PowerShell and .NET variants.
- The .NET variant features more capabilities and appears to be in a more advanced stage of development.
- The PowerShell version only targets Google Chrome.
Author's summary: New malware variant Airstalk targets browsers and devices.
More News
- Claiming Freedom in Revolution and in War: an Introduction to the Anarchist Group in Sudan - Black Rose Anarchist Federation (2025)
- International collaborative effort to understand dengue and Zika | Imperial News | Imperial College London
- Grand Pathways event eases transition into and out of high school
- Reflections on Intelligence, With Thomas Sowell and Justice Clarence Thomas
- Our Sacred Right and Responsibility to Vote | New Jersey City University
- New pilot program to provide pathways to Kentucky high school students interested in behavioral health careers.
- VA tech glitch halts GI Bill payments to thousands, advocates say
- Misrata Youth and Revolutionaries Movement: Misratans who met Khaled Haftar represent only themselves