Evasive Meduza Stealer Targets 19 Password Managers and 76 Crypto Wallets


July 03, 2023Ravie LakshmananMalware / Hacking

The Medusa Thief

In another sign of the lucrative crimeware-as-a-service (CaaS) ecosystem, cybersecurity researchers have discovered a new Windows-based information thief called The Medusa Thief which are actively developed by the manufacturer to avoid detection by software solutions.

“The Meduza Stealer has a single goal: comprehensive data theft,” Uptycs said in a new report. “It steals user browsing activity, extracts various browser related data.”

“From critical login credentials to precious browsing history records and carefully curated bookmarks, no digital artifact is safe. Even crypto wallet extensions, password managers, and 2FA extensions are vulnerable.”

Despite the similarities in features, Meduza offers a “sneaky” operational design that avoids using obfuscation techniques and immediately halts its execution on a compromised host if the connection to the attacker’s server fails.

It is also designed to be canceled if the victim’s location is on the thief’s predefined list of excluded countries, which consists of the Commonwealth of Independent States (CIS) and Turkmenistan.

Meduza Stealer, in addition to gathering data from 19 password manager applications, 76 crypto wallets, 95 web browsers, Discord, Steam, and system metadata, harvested Windows Registry entries related to miners as well as lists of installed games, suggesting a broader financial motive.

The Medusa Thief

It is currently offered for sale on underground forums such as XSS and and dedicated Telegram channels as a recurring subscription that costs $199 per month, $399 for three months, or $1,199 for a lifetime license. The information stolen by the malware is provided via an easy-to-use web panel.

“This feature allows customers to download or delete stolen data directly from web pages, giving them an unprecedented level of control over the information they illegally obtained,” the researchers said.

“This deep feature set showcases the sophisticated nature of the Meduza Stealer and the lengths to which its creators were willing to go to ensure its success.”

Found this article interesting? Follow us on Twitter And LinkedIn to read more exclusive content we post.


Source link

Related Articles

Back to top button