Malware, Vulnerability Management

Mars Stealer vulnerability could defeat operators’ servers

TechCrunch reports that the Mars Stealer malware could be remotely disrupted by leveraging a coding vulnerability discovered in the leaked cracked version of the malware-as-a-service. Researchers from penetration testing startup Buguard said that exploiting the flaw could compromise Mars Stealer's command-and-control servers. Buguard Chief Technology Officer Youssef Mohamed noted that the bug could enable log deletion from the targeted Mars Stealer server, active session termination, and scrambling of the dashboard's password to prevent future logins by the malware's operators. Aside from removing attackers' access to stolen data, abusing the vulnerability would also leave the operators needing to retarget and reinfect victims, Mohamed added. Five Mars Stealer servers have already been neutralized by Buguard, four of which have been taken offline. Details of the vulnerability will be shared only with authorities, so that the operators cannot discover the reason behind the compromise of their malware. A similar flaw has been observed in the Erbium malware.
