Meduza, the new information stealer that does not wish you well (at all)


Vincent Mannessier

July 04, 2023 at 11:10 a.m.


At the end of June, cybersecurity researchers warned of the emergence of a highly sophisticated program for stealing personal information.

This program, called Meduza, can collect even the data considered most secure on affected devices. But its creators did not develop it for their own use: it is above all a subscription service, designed to be as efficient as it is easy to use for neophytes.

An all-in-one information thief

Meduza was discovered by researchers from the cybersecurity company Uptycs. According to them, it is not only very effective in its primary role of stealing information. Its creators have also made sure that the program, which apparently only works on Windows, is as hard as possible to spot. For example, it ceases all activity if the connection to the attacker's server fails for any reason.

The list of information at risk on affected computers seems endless. Still according to the researchers who discovered Meduza, "from login credentials to browsing histories, nothing is safe. Even crypto-wallet extensions, password managers, or two-factor authentication systems are affected". Beyond that, other information such as the list of installed Steam games and conversations on Discord is also targeted. For Uptycs, these last points seem to indicate a financial objective behind Meduza.

Surprisingly, the program is designed not to work if its geolocation indicates that it is located in certain countries, 19 in all.


An accessible and user-friendly service

Meduza is not, a priori, a government instrument of control or espionage. It is a commercial product. Indeed, it is available on some forums, and we even know the price: 199 dollars per month, 399 dollars for three months, or 1,199 dollars per year. For subscribers, the information collected in this way is then classified and made accessible through an interface that is easy to use, even for someone unfamiliar with it.

Meduza is therefore likely a subscription service and, for its creators, a source of income rather than a spy system. It is one more example that cybercrime as a service is a market with a bright future ahead of it.

Sources: The Hacker News, Uptycs


