• Dapps:16.23K
  • Blockchains:78
  • Active users:66.47M
  • 30d volume:$303.26B
  • 30d transactions:$879.24M

Styx Stealer: New malware stealing browser and crypto data

user avatar

by Giorgi Kostiuk

2 years ago

  1. Discovery and Features of Styx Stealer
  2. Developer's Mistake and Data Leak
  3. CPR Investigation and Consequences


    4. Check Point Research (CPR) uncovered a new malware called Styx Stealer, capable of stealing browser data, cryptocurrency, and instant messenger sessions. This malware is a variant of Phemedrone Stealer, featuring new functionalities.

    Discovery and Features of Styx Stealer

    According to CPR, Styx Stealer is an updated version of Phemedrone Stealer. The new variant includes features like auto-start and crypto-clipping.

    Developer's Mistake and Data Leak

    During debugging, a developer linked to the Agent Tesla threat actor known as 'Fucosreal' made a critical mistake, leaking sensitive data. This allowed CPR researchers to gather intelligence on clients, profits, and personal details.

    CPR Investigation and Consequences

    The investigation revealed that Styx Stealer is based on an older version of Phemedrone Stealer, lacking some advanced features. The developer's failure in operational security compromised the campaign, allowing CPR to identify the involved individuals, their locations, and personal details.

    Despite attempts to distribute the malware, the campaign largely failed.Check Point Research Team

    The discovery of Styx Stealer underscores the importance of operational security in malware development and illustrates how a single mistake can lead to significant consequences for cybercriminals.

0

Rewards

chest
chest
chest
chest

More rewards

Discover enhanced rewards on our social media.

chest

Other news

New Privacy-Focused AI Tools Launched

chest

Several new AI tools have been launched that prioritize user privacy and data security.

user avatarMaya Lundqvist

Companies Opting Users into AI Training Without Consent

chest

LinkedIn and Google have been found to opt users into AI training without explicit consent, raising ethical concerns.

user avatarLi Weicheng

Massive Data Leak from Misconfigured Chatbot Database

chest

A security researcher discovered 300 million messages from 25 million users in a publicly accessible database due to a misconfigured backend.

user avatarLeo van der Veen

Institutional Adoption Could Propel XRP Price to $8

chest

Institutional adoption is seen as a key factor that could drive XRP's price to $8, especially after the SEC lawsuit settlement.

user avatarAisha Farooq

Settlement of SEC vs Ripple Lawsuit Boosts XRP Investor Sentiment

chest

The settlement of the SEC lawsuit against Ripple in 2025 has led to increased investor confidence and a rise in XRP's price.

user avatarTenzin Dorje

Trump Media Technology Group Reports Significant Financial Losses

chest

Trump Media Technology Group reports a net loss of over $700 million due to volatility in digital assets.

user avatarBayarjavkhlan Ganbaatar

Important disclaimer: The information presented on the Dapp.Expert portal is intended solely for informational purposes and does not constitute an investment recommendation or a guide to action in the field of cryptocurrencies. The Dapp.Expert team is not responsible for any potential losses or missed profits associated with the use of materials published on the site. Before making investment decisions in cryptocurrencies, we recommend consulting a qualified financial advisor.