Malware News New Rust Based InfoStealer Extracts Sensitive Data from Chromium-based Browsers

Parkinsond

Level 19
Thread author
Dec 6, 2023
921
The malware, known as Myth Stealer, represents a significant evolution in cybercriminal tactics, combining modern programming techniques with traditional social engineering methods to compromise user credentials and financial information.

The threat actors behind this operation maintain multiple Telegram channels for distribution, updates, and even customer testimonials, demonstrating a professional approach to cybercrime infrastructure.

Trellix researchers identified this fully undetected malware sample during routine proactive threat hunting activities, revealing its sophisticated architecture and evasion capabilities. The research team discovered that the malware targets an extensive range of applications, including popular browsers like Chrome, Firefox, Edge, Opera, and Brave, along with communication platforms such as Discord and various specialized browsers used globally.

The distribution mechanism relies heavily on social engineering, with attackers disguising the malware as legitimate gaming software, cheat tools, or beta versions of popular games.

Victims typically encounter the malware through password-protected RAR files, where the password often follows predictable patterns like the game name suffixed with “beta” or “alpha”.

In some instances, threat actors have posted malicious links in online forums, even providing VirusTotal reports showing zero detections to establish credibility within gaming communities.
 

Dr. Wells

Level 2
Aug 27, 2024
76
"The malware, known as Myth Stealer, represents a significant evolution in cybercriminal tactics, combining modern programming techniques with traditional social engineering methods to compromise user credentials and financial information."

This is a stealer type that everyone saw before. Why is this special?
 

Parkinsond

Level 19
Thread author
Dec 6, 2023
921
"This is a stealer type that everyone saw before. Why is this special?"

Most notably, it employs string obfuscation using the Rust crate obfstr, which transforms readable strings into complex XOR operations that significantly complicate reverse engineering efforts.

The malware also implements comprehensive sandbox detection by checking for specific usernames and system files commonly associated with analysis environments, immediately terminating execution if such indicators are detected.
 
