Security News > 2022 > April > Haskers Gang Gives Away ZingoStealer Malware to Other Cybercriminals for Free

A crimeware-related threat actor known as Haskers Gang has released an information-stealing malware called ZingoStealer for free on, allowing other criminal groups to leverage the tool for nefarious purposes.

Besides harvesting sensitive information such as credentials, stealing cryptocurrency wallet information, and mining cryptocurrency on victims' systems, the malware leverages Telegram as both an exfiltration channel as well as a platform to distribute updates.

The incorporation of the XMRig cryptocurrency mining software into the stealer, the researchers said, is an attempt on the part of the malware author to further monetize their efforts by using systems infected by affiliates to generate Monero coins.

Malicious campaigns delivering the malware take the form of a game modification utility or a software crack, with the threat actors posting YouTube videos advertising the tools' features and its description, including a link to an archive file hosted on Google Drive or Mega that contains the ZingoStealer payload. That said, Cisco Talos pointed out that the executables are also being hosted on the Discord CDN, raising the possibility that the infostealer is being disseminated within gaming-related Discord servers.

What's more, the malware is equipped to deploy secondary malware at the discretion of the attacker, such as RedLine Stealer, a more feature-rich information stealer that plunders data from various applications, browsers, and cryptocurrency wallets and extensions.

This potentially may explain why the malware authors are offering ZingoStealer for free to any adversary.

News URL

https://thehackernews.com/2022/04/haskers-gang-gives-away-zingostealer.html