This new malware is proving quite popular... and dangerous

News
By Craig Hale
published

Crypto is a key target for this stealer

Malware Magnifying Glass
Image Credit: Shutterstock (Image credit: Andriano.cz / Shutterstock)

A new stealer malware is on the rise, designed to obtain user credentials to help attackers penetrate specific environments and obtain other information of financial value.

The strain, which is being referred to as Mystic Stealer, has been explored in detail jointly by Zscaler and InQuest, following a surge in cases since April 2023 and the alarming extent of its reach.

According to the reports, Mystic steals credentials from almost 40 web browsers (including Chrome, Edge, Firefox, and Opera, but not Safari) and over 70 browser extensions (including Coinbase Wallet, Dashlane, and LastPass).

Internet users warned of Mystic Stealer malware

The researchers at Zscaler and InQuest liken the stealer to most others in the way that it pillages autofill data, browsing history, arbitrary files, and cookies. It’s also been designed to collect computer information, such as system hostname, user name, and GUID.

Read more

> The best firewalls

> This malware is evolving to become more dangerous than ever

> Top NAS devices are being targeted by this dangerous malware

Most alarming is this variant’s ability to obtain information related to cryptocurrency wallets, which have become increasingly popular in recent years.

The analysis details how Mystic Stealer collects and exfiltrates information to the command and control server, which then handles parsing, instead of extracting credentials locally on the victim’s device. 

The cybersecurity firms responsible for the article believe this is in an effort to “keep the size of the stealer binary smaller and the intention less clear to file analyzers.”

Overall, the conclusion is that Mystic Stealer is “looking to produce a stealer on par with the current trends of the malware space while attempting to focus on anti-analysis and defense evasion.”

Predicting the trajectory of the stealer is impossible, however analysts are apparently concerned about its sophistication at such a young age, thus the scope for widespread damage is noted. 

The usual cybersecurity protection steps apply, and those who suspect they may have been the victim of an attack should consider installing malware removal software.

Craig Hale
Craig Hale

With several years’ experience freelancing in tech and automotive circles, Craig’s specific interests lie in technology that is designed to better our lives, including AI and ML, productivity aids, and smart fitness. He is also passionate about cars and the decarbonisation of personal transportation. As an avid bargain-hunter, you can be sure that any deal Craig finds is top value!