'Stealc' information-stealing malware emerges from the dark web
A new information-stealing malware called "Stealc" was recently seen making the rounds on the dark web, not only looking for its next victim, but also its next customer.
Cybersecurity researchers from SEKOIA recently discovered the malware being advertised on multiple underground forums by a threat actor called "Plymouth." According to the cybercriminal, Stealc is a fully-featured and ready-to-use stealer based on more popular infostealers, such as Vidar, Raccoon, Mars, and Redline Stealer.
Stealc gets new tweaks and upgrades at least once a week. Some of its new features include a command and control (C&C) center URL randomizer and an improved log searching and sorting system. It can also spare victims from Ukraine. Aside from these, Stealc has the following characteristics and capabilities:
- Only 80KB
- Uses legitimate third-party DLLs
- Written in C and abuses Windows API functions
- Exfiltrates stolen data automatically
- Targets 22 browsers, 75 plugins, and 25 desktop wallets
Aside from advertising it on dark web forums, Plymouth is also deploying the malware to various PCs by creating fake YouTube tutorials on how to crack software. The videos will then direct an unsuspecting user to a download website that will deploy Stealc.
Once the malware is installed on a victim's PC, it performs anti-analysis checks to ensure that it's not running in a virtual environment or sandbox. Next, it loads Windows API functions and starts communicating with the C&C center to send the victim's hardware identifier and build name. The malware will then receive a set of instructions.
At this point, Stealc will start collecting data from the targeted browsers, extensions, and apps. It will also execute its file grabber if it's active and exfiltrate all files to the C&C server. After it successfully steals data, Stealc removes itself and the downloaded DLL files from the victim's PC to avoid detection.
SEKOIA says that it has discovered more than 40 C&C servers related to Stealc, implying that the malware has become popular among cybercriminals distributing stealer malware.
To protect your PCs from malware, always keep your security software updated and never download or install software from sketchy websites. Finally, do not open attachments or links from unsolicited emails, as they may contain malware.
-
User
Ouch! Good to know. More evidence of how careful we need to be.