Security News > 2022 > November > Researchers Warn of Cyber Criminals Using Go-based Aurora Stealer Malware

A nascent Go-based malware known as Aurora Stealer is being increasingly deployed as part of campaigns designed to steal sensitive information from compromised hosts.

First advertised on Russian cybercrime forums in April 2022, Aurora was offered as a commodity malware for other threat actors, describing it as a "Multi-purpose botnet with stealing, downloading and remote access capabilities."

In the intervening months, the malware has been scaled down to a stealer that can harvest files of interest, data from 40 cryptocurrency wallets, and applications like Telegram.

The development also comes as researchers from Palo Alto Networks Unit 42 detailed an enhanced version of another stealer called Typhon Stealer.

The new variant, dubbed Typhon Reborn, is designed to steal from cryptocurrency wallets, web browsers, and other system data, while removing previously existing features like keylogging and cryptocurrency mining in a likely attempt to minimize detection.

"Typhon Stealer provided threat actors with an easy to use, configurable builder for hire," Unit 42 researchers Riley Porter and Uday Pratap Singh said.

News URL

https://thehackernews.com/2022/11/researchers-warn-of-cyber-criminals.html