Malware, Data Security

Researchers uncover infostealing malware Statc Stealer

Security researchers at Zscaler ThreatLabz have released a technical report on a newly discovered information-stealing malware strain dubbed Statc Stealer, which targets the sensitive payment and personal information of Microsoft Windows users, reports The Hacker News. The malware, which is written in the C++ programming language, gains entry into victims' systems by posing as web browser ads. Once an ad is clicked, the malware deploys a first-stage payload that includes a decoy installer as well as a downloader binary, which stealthily connects to a remote server via a PowerShell script and retrieves the stealer malware. The malware features advanced techniques for inhibiting reverse engineering analysis and sandbox detection, and it exfiltrates the harvested data over HTTPS to a command-and-control server. It targets web browser information such as login data, preferences, and cookies, as well as cryptocurrency wallets, credentials, and messaging app data. "The significance of Statc Stealer's exfiltration technique lies in its potential to steal sensitive browser data and send it securely to its C&C server," according to the researchers, who described the malware as a "significant threat."
