New Malware Strain “Vega Stealer” Discovered


Researchers at Proofpoint, a Silicon Valley-based cybersecurity company, have identified a new strain of malware called “Vega Stealer”

What is it?

“Malware” is a type of malicious software which is designed to cause harm to a user and/or their computer. It comes in many forms, including viruses, spyware, trojans, and ransomware.   The “Vega Stealer” strain of malware is spread through emails containing the subject line “Online store developer required” and has an attached Word document titled “brief.doc”. The document itself is designed to look like an official letter from Microsoft, and imitates their logo, font, and color schemes.    

What does it do?

If the “brief.doc” file is opened, Microsoft Word will prompt the victim to enable “macros”. Macros are used in Word to auomate tasks to save time, but when used maliciously, they can download malware or make unauthorized changes to a computer. If the Word attachment is opened and macros are enabled, a payload containing the malware will be downloaded and executed. The malware works by gathering saved info from Google Chrome and Mozilla firefox such as passwords, credit cards, profiles, and cookies. This info is then uploaded back to the criminals who created the malware. 

How can I prevent these types of infections?

Always exercise caution when opening documents or links that are emailed to you. Never open a link or a document from an unknown source. Even if it is from someone you trust, double check any links that are sent to you. You can do this by hovering your mouse over the link, and a small popup will appear with the URL that the link will take you to. Contact MetaTechnical at or by calling (215) 600-1215 if you have any questions, want to know the legitimacy of an email or document, or if you think you’re infected.