New Chinese Zhong Stealer Infects Fintech via Customer Support

A new Chinese malware threat, Zhong Stealer, is targeting fintech companies through customer support chats. The malware uses a scam involving a new, empty support ticket with broken language and a suspicious ZIP file to trick agents into opening it. Once opened, Zhong Stealer downloads additional components, steals credentials and browser extension data, and sends it to a command-and-control server in Hong Kong.