- Malware Description
- Countermeasures and Vulnerabilities
- Financial Gains from Hacks
Cybersecurity experts from Check Point Research have discovered new malware called Styx Stealer. This software is capable of stealing various data, including cryptocurrency, and is available for rent on the developer’s website.
Malware Description
Styx Stealer was discovered due to a data leak by the developer during debugging. It is derived from older malware called Phemedrone Stealer and retains all its functions: stealing saved passwords, cookies, auto-fill data, cryptocurrency wallet data, and instant messenger sessions. The new software also incorporates improved detection evasion techniques and a crypto clipper function.
Countermeasures and Vulnerabilities
Windows users with an up-to-date operating system are safe from Styx Stealer, as the malware exploits a vulnerability in Microsoft Windows Defender that was patched last year. Cryptocurrency clipping occurs when malware substitutes a crypto recipient’s wallet address with the bad actor’s wallet during a transaction.
Financial Gains from Hacks
Check Point Research identified eight wallets presumably belonging to the Styx Stealer developer, which received around $9,500 in crypto payments for the malware within the first two months of its operation. This indicates substantial financial gains from using this software.
Styx Stealer shows how cybercriminals continue to develop methods to steal data and cryptocurrency. Constantly updating security systems and software is a necessary step to protect against such threats.
