The elusive infostealer targets 95 web browsers, 76 cryptocurrency wallets, and 19 password managers.
Cybersecurity researchers have discovered another promising entrant in the CaaS industry, known as Meduza Stealer. It is a new infostealer for Windows that its author is actively improving to avoid detection by security software.
"Meduza Stealer has a single goal: total data theft. It learns all of the Internet activities of users, extracting a wide range of data related to the browser," says a new Uptycs report.
"No data is safe, from critical credentials to valuable browsing history and selected bookmarks. Crypto wallet extensions, password managers, and two-factor authentication extensions are all vulnerable," the researchers added.
Despite its functional similarities to other infostealers, Meduza has a "cunning" operational design that avoids the use of obfuscation methods: the malware promptly terminates its execution on an infected computer if the connection to the attacker's C2 server fails.
Furthermore, as the researchers discovered, Meduza Stealer halts its work on machines from CIS countries, raising questions about the malware's origin.
Meduza Stealer captures data from 19 password management apps, 76 crypto wallets, 95 web browsers, Discord, Steam, and system metadata, in addition to Windows registry entries and a list of loaded games, indicating broader financial motives on the part of the cybercriminals.
The malware is currently for sale on underground sites as well as on the developer's official Telegram channel. Meduza is offered by subscription for $199 per month, $399 per three months, or $1,199 for a lifetime licence. Customers can access the information the malware collects through a handy web panel.
To summarise, Meduza Stealer is a harmful and evasive infostealer that can seriously damage Windows users' privacy and security. To defend your devices from this threat, you should be extra watchful and attentive when downloading data from the Internet. Furthermore, dependable antivirus software and proper cyber hygiene practices can only improve the protection of your data.