Stealc, a new infostealer to be wary of


The family of infostealers, malicious programs designed to steal information from infected devices, is growing. The French cyber threat intelligence specialist Sekoia.io has just reported the distribution of Stealc, spyware that is rented out in the form of a license.

Offered for purchase since the beginning of January

According to the cybersecurity firm’s threat research team, Stealc has been offered for purchase since the beginning of January. Sekoia has since spotted the dissemination of several dozen samples as well as about forty command and control servers. This is a sign that the new malware, which is at version 1.3, is being tested and purchased by cybercriminals.

As is typical for an infostealer, Stealc is programmed to collect sensitive data from the most widely used web browsers, from Chrome to Firefox, as well as from browser extensions and local cryptocurrency wallet applications, Sekoia details.

For example, the malware has already infected targets via a service promising its users free access to pirated software. Cybercriminals using it can filter the data before exporting it, a useful feature in case the stolen information is later resold.

Similarities

The new infostealer was not developed from scratch. It bears very strong similarities to four other malicious programs: Vidar, Raccoon, Mars and Redline, all of them malware that concerns cybersecurity specialists. Raccoon, offered at a price of 200 dollars per month, was first spotted in 2019.

Vidar, which appeared in 2018, was used to spread the GandCrab ransomware. This last example is also a reminder that the threat posed by infostealers goes beyond their use alone. They can be the starting point of ransomware attacks by providing remote access to a system, which then allows a third party to deploy ransomware.




