Meduza infostealer will reveal any of its victims' secrets to hackers
The evasive infostealer targets 95 web browsers, 76 crypto wallets and 19 password managers.
Cybersecurity researchers have discovered another notable representative of the CaaS industry, called Meduza Stealer. It is a new information stealer for Windows that is distributed by subscription and actively improved by its author to avoid detection by security software.
“Meduza Stealer has a single goal – comprehensive data theft. It learns all the actions of users on the Internet, extracting a wide range of data related to the browser,” says a new report from Uptycs.
“From critical credentials to valuable browsing history and selected bookmarks, no type of data is safe. Even crypto wallet extensions, password managers and 2FA extensions are vulnerable,” the researchers added.
Although its functionality is similar to that of other infostealers, Meduza boasts a “cunning” operational design that dispenses with obfuscation techniques: the malware quickly terminates on a compromised host if the connection to the attacker’s C2 server fails.
In addition, as the researchers found out, Meduza Stealer aborts execution on computers located in CIS countries, which hints at the origin of the malware.
Besides collecting data from 19 password management apps, 76 crypto wallets, 95 web browsers, Discord, Steam, and system metadata, Meduza Stealer also gathers Windows registry entries and a list of installed games, which points to broader financial motives on the part of the cybercriminals.
The malware is currently for sale on underground forums, as well as on the developer's official Telegram channel. Access to Meduza is sold by subscription, which costs $199 for a month, $399 for three months, or $1,199 for a lifetime license. The stolen information is made available to the malware's customers through a convenient web panel.
In summary, Meduza Stealer is a dangerous and evasive infostealer that can cause serious damage to the privacy and security of Windows users. Be especially vigilant when downloading files from the Internet to protect your systems from this threat. Reliable antivirus solutions and good cyber hygiene practices will further strengthen the security of your data.