
A new information stealer called Stealc that’s being advertised on the dark web could emerge as a worthy competitor to other malware of its ilk.

“The threat actor presents Stealc as a fully featured and ready-to-use stealer, whose development relied on Vidar, Raccoon, Mars, and RedLine stealers,” SEKOIA said in a Monday report.

The French cybersecurity company said it discovered more than 40 Stealc samples distributed in the wild and 35 active command-and-control (C2) servers, suggesting that the malware is already gaining traction among criminal groups.

Stealc, first marketed by an actor named Plymouth on the XSS and BHF Russian-speaking underground forums on January 9, 2023, is written in C and comes with capabilities to steal data from web browsers, crypto wallets, email clients, and messaging apps.

The malware-as-a-service (MaaS) also boasts of a “customizable” file grabber that allows its buyers to tailor the module to siphon files of interest. It further implements loader capabilities to deploy additional payloads.
