uTalk

Official forum for Utopia Community


#1 2023-07-03 23:39:35

thrive
Member
Registered: 2023-01-04
Posts: 2,068

Evasive Meduza thief targets 19 password managers & 76 crypto wallets.

Security researchers have found a new Windows-based information thief called Meduza Stealer that is actively being developed by its author to evade detection by software solutions, which is yet another indication of a lucrative crimeware-as-a-service (CaaS) ecosystem.

Uptycs recently released a report stating that "The Meduza Stealer has a singular objective: comprehensive data theft. It takes advantage of users' browsing habits by gathering a variety of information about browsers."

"No digital artifact is safe, not even the most important login information or the priceless history of one's browsing habits or meticulously curated bookmarks. Even password managers, 2FA extensions, and crypto wallet extensions are susceptible."

Despite the similarities in features, Meduza boasts a "crafty" operational design that forgoes the use of obfuscation techniques and promptly ends the execution of its code on compromised hosts should a connection to the attacker's server fail.

The Commonwealth of Independent States (CIS) and Turkmenistan are among the countries on the stealer's predefined list of excluded nations, and the stealer is also programmed to terminate if a victim's location is on that list.

In addition to collecting information from 19 password manager applications, 76 cryptocurrency wallets, 95 web browsers, Discord, Steam, and system metadata, Meduza Stealer also harvests Windows Registry entries related to miners and a list of installed games, indicating a broader financial motivation.


Meduza Stealer.

It is currently being sold as a recurring subscription for $199 per month, $399 for three months, or $1,199 for a lifetime license on unofficial forums like XSS and Exploit.in and a dedicated Telegram channel. An easy-to-use web panel makes the data that the malware stole accessible.

The researchers claimed that this function gave subscribers "unprecedented control over their stolen information" by enabling them to download or delete the stolen data directly from the web page.

"This comprehensive feature set demonstrates the complex design of the Meduza Stealer and the lengths to which its creators are prepared to go in order to ensure its success."

