HawkEye keylogger is a formidable trojan known for stealthily stealing vital data from your computer. This malware collaborates with others to snatch passwords from email clients and browsers, making it a potent threat. It spreads through malspam campaigns, targeting business users to compromise accounts and extract sensitive data for malicious purposes.
Recent campaigns used spam servers in Estonia, disguising emails as messages from Spanish banks. They distributed HawkEye Reborn v8.0 and v9.0 through deceptive attachments resembling commercial invoices. When opened, these attachments secretly install Hawkeye while distracting victims with the invoice image.
To infect victims, Hawkeye employs mshta.exe dropped by PhotoViewer, leveraging PowerShell to connect with a command-and-control server for further malware. It ensures persistence with gvg.exe in the Windows Registry, automatically restarting with each boot.
Protect against this threat with a Security Information and Event Management (SIEM) solution, offering constant device monitoring and real-time threat detection, fortifying your defenses against the Hawkeye Keylogger's menace. Watch the video to learn more—three minutes is all it takes!
You will receive regular updates on the latest news on cybersecurity.
© 2021 Zoho Corporation Pvt. Ltd. All rights reserved.
