New Stealthy Bandit Stealer Targeting Web Browsers and Cryptocurrency Wallets

silversurfer

silversurfer

Super Moderator
Thread author
Verified
Top Poster
Staff Member
Malware Hunter
Aug 17, 2014
11,101
Content source
https://thehackernews.com/2023/05/new-stealthy-bandit-stealer-targeting.html
A new stealthy information stealer malware called Bandit Stealer has caught the attention of cybersecurity researchers for its ability to target numerous web browsers and cryptocurrency wallets.

"It has the potential to expand to other platforms as Bandit Stealer was developed using the Go programming language, possibly allowing cross-platform compatibility," Trend Micro said in a Friday report.

The malware is currently focused on targeting Windows by using a legitimate command-line tool called runas.exe that allows users to run programs as another user with different permissions.

The goal is to escalate privileges and execute itself with administrative access, thereby effectively bypassing security measures to harvest wide swathes of data.
Click to expand...
 
  • Like
  • +Reputation
  • Wow
Reactions: Kongo, simmerskool, harlan4096 and 6 others
Brahman

Brahman

Level 18
Verified
Top Poster
Well-known
Aug 22, 2013
885
Its high time that windows should in default restrict the admin rights and enable it only after asking for login password to be entered manually, like in Linux. This would at-lest make an unsuspecting user aware of something is requesting admin rights and that is to be suspected off.
 
  • Like
Reactions: simmerskool, Zero Knowledge and [correlate]
Z

Zero Knowledge

Level 20
Verified
Top Poster
Content Creator
Dec 2, 2016
849
Brahman said:
Its high time that windows should in default restrict the admin rights and enable it only after asking for login password to be entered manually
Click to expand...
Never going to happen. Useability trumps security in Windows. What will happen is MFA/2FA with security keys for accounts. That's the way forward.

+ There are plenty of priv esc bugs/exploits out there making elevating to admin easy. So standard/restricted accounts are not the answer.
 
Last edited:
  • Like
Reactions: simmerskool
You must log in or register to reply here.

Similar threads

silversurfer
    • +Reputation
    • Like
New DoubleFinger Loader Targets Cryptocurrency Wallets with Stealer
Replies
0
Views
948
News Archive
silversurfer
silversurfer
vtqhtr413
    • Like
    • +Reputation
    • Wow
New macOS Malware Steals Keychain Passwords and Crypto Wallets
Replies
0
Views
1,252
News Archive
vtqhtr413
vtqhtr413
silversurfer
    • Like
    • +Reputation
New Zaraza Bot Credential-Stealer Sold on Telegram Targeting 38 Web Browsers
Replies
0
Views
1,240
News Archive
silversurfer
silversurfer

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

Quick Navigation

Forum Rules Warning System Welcome Guide Two-factor Authentication

User Menu

Login

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top