Researchers have identified a popular new information stealer being advertised for purchase on Russian-speaking dark web forums. Stealc is a ready-to-use stealer that can compete with other popular malware families such as Vidar, Raccoon, Mars and Redline, according to a report published by threat intelligence company Sekoia.io this week.

It targets sensitive data from at least 23 web browsers — such as Google Chrome, Vivaldi and Mozilla Firefox — as well as popular desktop cryptocurrency wallets, like Binance and Coinomi. Stealc also goes after web browser-based wallets, email clients and messenger software.

“Companies facing stealer compromise need to be aware of this malware,” Sekoia.io said. “We expect that the Stealc infostealer will become widespread in the near term, as multiple threat actors add the malware to their arsenal while it is poorly monitored.”

Malware-as-a-service tools like Stealc lower the entry barrier to the cybercrime world by allowing hackers without advanced technical skills to purchase readymade kits from online marketplaces and quickly and easily launch cyberattacks.

In January and February, researchers discovered dozens of Stealc samples circulating in the wild, indicating that this new info-stealer has traction among cybercriminals, they said.

Infection with the malware happens when a cybercriminal tricks someone into downloading it. Sekoia.io found one example involving hijacked YouTube sites that promoted links to pirated software. Clicking on the links led to a disguised installer for Stealc instead of the software.

Full report: New Stealc malware-as-a-service targets web browsers, crypto wallets, email clients.