Undetectable Info Stealer: Sold on Darknet

Jul 14, 2023

Emergence of Mystic Stealer: A Potent Information-Stealing Malware Unleashed

Cybersecurity researchers around the world are paying attention to Mystic Stealer, a new and extremely dangerous strain of information-stealing malware. This malware-as-a-service (MaaS) offering, known for its creativity and destructive potential, first appeared on various hacker forums and Darknet markets in April. It was once available for $150 a month or $390 per quarter, but it has changed rapidly thanks to significant improvements from its creators.

Because it can attack all versions of Windows and collect private information from several sources, Mystic Stealer represents a serious danger. It can extract data from password managers, Microsoft Outlook, authenticators like Gauth and Authy, 70 cryptocurrency extensions, and a variety of cryptocurrency wallets. It can also pull data from 30 different web browsers. Notably, cybersecurity intelligence professionals consider it a serious threat despite the fact that it has received favorable reviews from hacking experts on several sites.

The Undetectable Nature of Mystic Stealer

Mystic Stealer is difficult for the majority of anti-virus scanners to detect because it operates in memory, unlike other information stealers. It decrypts compromised credentials without the need for third-party libraries, which minimizes its footprint and makes it more resistant to anti-virus analysis. To operate covertly, the malware secretly sends the stolen data to another site for parsing and decoding. According to the Mystic Stealer Telegram (TG) channel, Scantime reports that just 2 out of 26 antivirus scanners can detect Mystic Stealer, which is startling.

Beyond basic system information, Mystic Stealer collects more detailed data about compromised machines and can capture screenshots of their desktops. Customers of this service also have the option to submit additional malware payloads, which are then executed on compromised machines, posing a greater risk.

Mystic Stealer’s intricacy and potential for severe harm are highlighted by Zscaler researchers who studied it extensively. The MaaS has been registered in several countries, including the US, Germany, France, and others. Notably, they discovered a “grand cluster” of interconnected computers in Russia, suggesting that this cunning operation may have started there.