Evasive Meduza Stealer Targets 19 Password Managers and 76 Crypto Wallets

In yet another sign of a lucrative crimeware-as-a-service ecosystem, cybersecurity researchers have discovered a new Windows-based information stealer called Meduza Stealer that's actively being developed by its author to evade detection by software solutions.
"The Meduza Stealer has a singular objective: comprehensive data theft," Uptycs said in a new report.
Despite the similarity in features, Meduza boasts of a "Crafty" operational design that eschews the use of obfuscation techniques and promptly terminates its execution on compromised hosts should a connection to the attacker's server fail.
It's also designed to abort if a victim's location is in the stealer's predefined list of excluded countries, which consists of the Commonwealth of Independent States and Turkmenistan.
Meduza Stealer, besides gathering data from 19 password manager apps, 76 crypto wallets, 95 web browsers, Discord, Steam, and system metadata, harvests miner-related Windows Registry entries as well as a list of installed games, indicating a broader financial motive.
"This in-depth feature set showcases the sophisticated nature of the Meduza Stealer and the lengths its creators are willing to go to ensure its success."
News URL
https://thehackernews.com/2023/07/evasive-meduza-stealer-targets-19.html