• Dapps:16.23K
  • Blockchains:78
  • Active users:66.47M
  • 30d volume:$303.26B
  • 30d transactions:$879.24M

Styx Stealer: New malware stealing browser and crypto data

user avatar

by Giorgi Kostiuk

2 years ago

  1. Discovery and Features of Styx Stealer
  2. Developer's Mistake and Data Leak
  3. CPR Investigation and Consequences


    4. Check Point Research (CPR) uncovered a new malware called Styx Stealer, capable of stealing browser data, cryptocurrency, and instant messenger sessions. This malware is a variant of Phemedrone Stealer, featuring new functionalities.

    Discovery and Features of Styx Stealer

    According to CPR, Styx Stealer is an updated version of Phemedrone Stealer. The new variant includes features like auto-start and crypto-clipping.

    Developer's Mistake and Data Leak

    During debugging, a developer linked to the Agent Tesla threat actor known as 'Fucosreal' made a critical mistake, leaking sensitive data. This allowed CPR researchers to gather intelligence on clients, profits, and personal details.

    CPR Investigation and Consequences

    The investigation revealed that Styx Stealer is based on an older version of Phemedrone Stealer, lacking some advanced features. The developer's failure in operational security compromised the campaign, allowing CPR to identify the involved individuals, their locations, and personal details.

    Despite attempts to distribute the malware, the campaign largely failed.Check Point Research Team

    The discovery of Styx Stealer underscores the importance of operational security in malware development and illustrates how a single mistake can lead to significant consequences for cybercriminals.

0

Rewards

chest
chest
chest
chest

More rewards

Discover enhanced rewards on our social media.

chest

Other news

Ripple Secures Preliminary CASP License Approval in Luxembourg

chest

Ripple has secured preliminary approval for a CASP license from Luxembourg's CSSF, marking a significant step in its operations.

user avatarNguyen Van Long

Ripple and SBI Holdings Launch RLUSD Stablecoin in Japan

chest

Ripple has partnered with SBI VC Trade to launch the RLUSD stablecoin in Japan after receiving approval from the Japan Financial Services Agency.

user avatarJesper Sørensen

OpenAI's GPT56 Model Naming Causes Confusion in Crypto Markets

chest

OpenAI's recent announcement of naming its GPT56 model capability tiers as Sol, Terra, and Luna has led to significant discussions within the crypto community.

user avatarSatoshi Nakamura

Crypto Market Seeks Direction Amid X Money Launch

chest

The launch of X Money arrives at a crucial moment for the crypto market, where assets are striving for a clearer direction.

user avatarRajesh Kumar

Current Report Utilizes Data from Coinglass

chest

The current report utilizes data sourced from Coinglass, ensuring that the information presented is accurate and relevant.

user avatarLucas Weissmann

Security Alert: MEV Bot JaredfromSubwayeth Exploited

chest

A security alert has been issued regarding the MEV bot known as JaredfromSubwayeth, which was exploited on June 26, 2026, raising concerns about the security of MEV bots in the blockchain environment.

user avatarFilippo Romano

Important disclaimer: The information presented on the Dapp.Expert portal is intended solely for informational purposes and does not constitute an investment recommendation or a guide to action in the field of cryptocurrencies. The Dapp.Expert team is not responsible for any potential losses or missed profits associated with the use of materials published on the site. Before making investment decisions in cryptocurrencies, we recommend consulting a qualified financial advisor.