In yet another sign of a lucrative crimeware-as-a-service (CaaS) ecosystem, cybersecurity researchers have discovered a new Windows-based information stealer called Meduza Stealer that’s actively being developed by its author to evade detection by software solutions.
“The Meduza Stealer has a singular objective: comprehensive data theft,” Uptycs said in a new report. “It pilfers users’ browsing activities, extracting a wide array of browser-related data.”
“From critical login credentials to the valuable record of browsing history and meticulously curated bookmarks, no digital artifact is safe. Even crypto wallet extensions, password managers, and 2FA extensions are vulnerable.”
Despite the similarity in features, Meduza boasts a “crafty” operational design that eschews obfuscation techniques and promptly terminates its execution on compromised hosts if a connection to the attacker’s server fails.