Inside Meduza Stealer’s Web: 19 Password Managers and 76 Crypto Wallets at Risk


July 3, 2023

In a clear indication of the thriving crimeware-as-a-service (CaaS) industry, cybersecurity experts have uncovered a novel information stealer for Windows called Meduza Stealer. Its author is actively developing the malware and crafting it specifically to avoid detection by security software.

Uptycs, in its recent report, described Meduza Stealer as a tool with a single purpose: comprehensive data theft. The malware is designed to extract browser-related information, including login passwords, browsing histories, and selected caches. Its tactics also expose weaknesses in seemingly secure artifacts such as cryptocurrency wallet extensions, password managers, and two-factor authentication (2FA) extensions.

Despite sharing similarities with existing data stealers, Meduza distinguishes itself with a clever operational design that deliberately avoids obfuscation techniques. Furthermore, it terminates its execution on compromised hosts if a connection to the attacker’s server fails.


Crypto Wallets at Risk

The malware is also configured to terminate if the target is located in one of its designated excluded nations, such as Turkmenistan and the Commonwealth of Independent States (CIS).

Meduza Stealer doesn’t limit itself to common data theft; it also targets specific information related to mining activities. It extracts Windows Registry entries associated with mining operations and compiles a list of installed games, suggesting a broader financial motive.

Currently, the individuals behind the malware are advertising it on darknet sites like XSS and Exploit.in, as well as on a dedicated Telegram channel. Pricing options include a monthly subscription for $199, a three-month subscription for $399, and a lifetime license priced at $1,199. Users also have access to an online panel that simplifies the process of acquiring stolen data.

According to the report, “this feature’s accessibility allows users to instantly download or remove the stolen data from the internet page, providing them extraordinary power over their unauthorised content.”

Meduza Stealer’s extensive range of features highlights the sophisticated nature of this threat. It also reflects the determined efforts made by its creators to ensure its success.

Saher


Author

Saher is a cybersecurity researcher with a passion for innovative technology and AI. She explores the intersection of AI and cybersecurity to stay ahead of evolving threats.
