Three IT monitoring firms have issued warnings at once about the activity of new malware that is available by subscription for $150 per month. BleepingComputer reports on it, citing InQuest, Zscaler, and Cyfirma.
Mystic Stealer is malware that searches for user data and private keys in 40 browsers (including Chrome, Firefox, Brave, and Edge), 70 extensions, and over two dozen crypto programs and extensions (Electrum, Exodus, and Trezor Password Manager), as well as credentials in Steam and Telegram.
What is Known About the Virus
According to analysts, the malware first surfaced on hacker forums in April 2023. Judging by the screenshots above, Russian-speaking Internet users are promoting the malware. It is unclear whether they are its creators.
Analysts have found that the malware does not target the CIS market, which might indicate that the creators are associated with this region. According to the article, updates to the malware are supported publicly through Telegram. All versions of Windows, from Windows XP through Windows 11, are vulnerable to infection.
The scale of the theft caused by Mystic Stealer is unclear. Subscription models are becoming increasingly popular among attackers for distributing fraud schemes and malware. An earlier report said that the Russian Federation’s Impulse Team defrauded bitcoin investors out of more than $5 million using a network of bogus websites.
Unknown individuals set up a network of clones of cryptocurrency trading platforms, fake cryptocurrency sites, and even an SMM campaign on TikTok and Mastodon to mislead victims through counterparties.
The fraudsters look for partners on Telegram, on the condition that they have work experience in the field and pay a fee. Furthermore, the contractors are in charge of registering the domain name, which makes it more difficult to identify the primary attackers.