Mystic Stealer, malware designed to steal information and cryptocurrency, is gaining popularity on hacker forums and darknet marketplaces, according to a number of cybersecurity researchers.
The malware targets 40 browsers, 21 cryptocurrency apps, 55 specialized browser extensions, 9 apps for multi-factor authentication and password management, and Steam and Telegram credentials.
Mystic Stealer is capable of attacking computers running all versions of Windows. It has minimal impact on infected systems, encrypts its communications with the C&C server, and sends stolen files directly to that server, which allows it to evade detection.
When launched for the first time, the malware collects information about the operating system and hardware and takes a screenshot. Depending on the instructions received from the operator, it then targets more specific data stored in browsers and applications.
The creators rent out the malware for $150 per month. They also added an exception for use in the CIS countries, which may indicate the malware's origin.
Mystic Stealer has been known since April and is being actively developed. The project has a Telegram channel where development news, feature requests, and other hot topics are discussed.
ForkLog previously reported that the Pink Drainer group stole $2.9 million from Ethereum, Arbitrum and other networks through phishing and social engineering.