Attacks with the new ExelaStealer information-stealing malware have been directed against Windows systems in a bid to exfiltrate various data, including passwords, credit cards, keystrokes, cookies, Discord tokens, clipboard content, and screenshots, according to The Hacker News.
Threat actors behind the intrusions may have been conducting phishing or watering hole attacks, as evidenced by ExelaStealer's distribution as a fraudulent PDF document, a report from Fortinet FortiGuard Labs showed. Researchers discovered that executing the binary displays a lure document while the infostealer runs at the same time. More threat actors are expected to leverage ExelaStealer, which is available for $20 to $120 depending on the subscription plan. "Data has become a valuable currency, and because of this, attempts to gather it will likely never cease. Infostealer malware exfiltrates data belonging to corporations and individuals that can be used for blackmail, espionage, or ransom. Despite the number of infostealers in the wild, ExelaStealer shows there is still room for new players to emerge and gain traction," said researcher James Slaughter.