Numerous web browsers and cryptocurrency wallets on Windows systems are being targeted by the new Bandit Stealer information-stealing malware, which could also evade Windows Defender and be used to facilitate data breaches, account takeovers, identity theft, and credential stuffing attacks, reports The Record, a news site by cybersecurity firm Recorded Future.
Trend Micro researchers discovered that the Go-based Bandit Stealer malware, which resembles other info-stealers, including Luna Grabber, Kyoku Cookie token stealer, Pegasus Stealer, and Creal Stealer, not only has the capability to exfiltrate data, including usernames, hard drive details, current IPs, country codes, and detailed computer information, but can also impact victims' Telegram accounts to enable further compromise.
Malicious websites and phishing emails with seemingly innocuous files have been leveraged to deliver the persistent Bandit Stealer malware, according to researchers. Attackers have also been using a fake installer for the Heartsender program to deliver the Bandit Stealer malware.