The developer of the Stealc infostealer is aggressively promoting the malware, which has attracted multiple cybercriminals. Based on reports, the newly emerged Malware-as-a-Service offers free trials so that cybercriminals can try the new malware and so that it can gain traction in the cybercriminal landscape.
Plymouth, the alleged malware developer of Stealc, advertises its infostealer as a full-fledged stealer with various capabilities. The new malware also includes an administration panel that gives its operators complete control over its configurations.
Some researchers observed that the malware spreads through numerous cracked software products advertised in YouTube videos posted from stolen accounts. In addition, Stealc maintains a changelog for each new strain of the malware, which receives new features and bug fixes every week.
As of now, researchers have already confirmed more than 40 command-and-control servers and dozens of malware strains from the MaaS. This detail emphasises that the newly advertised malware has already reached numerous threat groups in the cybercriminal environment.
The Stealc Infostealer constantly undergoes updates that add new capabilities.
According to investigations, the Stealc Infostealer developer has continuously updated its malware since the start of the year.
This malware is coded in C, and its latest variant can target email clients, web browsers, web plugins, and desktop wallets. Additionally, the malware has a lightweight build of around 80 kilobytes, and all of its strings are obfuscated with RC4 and Base64.
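For analysts triaging a sample, the RC4 and Base64 string hiding described above can be reversed offline once the key has been recovered. The following is an added example, not code from the reports or from the malware: it assumes Base64 is the outer layer over RC4 ciphertext and that a single key is known, and the key and sample strings are constructed for illustration.

```python
import base64
import binascii


def rc4(key: bytes, data: bytes) -> bytes:
    """Standard RC4 (KSA then PRGA); the same call encrypts and decrypts."""
    s = list(range(256))
    j = 0
    for i in range(256):
        j = (j + s[i] + key[i % len(key)]) % 256
        s[i], s[j] = s[j], s[i]
    i = j = 0
    out = bytearray()
    for byte in data:
        i = (i + 1) % 256
        j = (j + s[i]) % 256
        s[i], s[j] = s[j], s[i]
        out.append(byte ^ s[(s[i] + s[j]) % 256])
    return bytes(out)


def decode_candidate(blob: str, key: bytes):
    """Return the recovered string, or None when blob is not strict Base64
    or does not decrypt to printable ASCII (the usual wrong-key symptom)."""
    try:
        raw = base64.b64decode(blob, validate=True)
    except (binascii.Error, ValueError):
        return None
    plain = rc4(key, raw)
    if not plain or any(b < 0x20 or b > 0x7E for b in plain):
        return None
    return plain.decode("ascii")


def triage(candidates, key: bytes) -> dict:
    """Map each candidate that decodes cleanly to its recovered plaintext."""
    return {c: p for c in candidates if (p := decode_candidate(c, key)) is not None}


# Constructed sample data: the key and strings are invented for this example.
SAMPLE_KEY = b"constructed-key-0001"
_PLAIN = ["kernel32.dll", "sqlite3.dll"]
SAMPLE_STRINGS = [base64.b64encode(rc4(SAMPLE_KEY, p.encode())).decode() for p in _PLAIN]
SAMPLE_STRINGS += ["This program cannot be run in DOS mode", "abc", ""]

if __name__ == "__main__":
    for blob, plain in triage(SAMPLE_STRINGS, SAMPLE_KEY).items():
        print(f"{blob} -> {plain}")
```

Feeding it the output of a strings extraction lets ordinary cleartext strings fall through as non-matches, leaving only the values that decode under the supplied key.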
Stealc also checks whether a targeted system is a virtual machine or sandbox environment, and abuses legitimate third-party DLLs and Windows API functions to bypass security detections.
The developer also mentioned that the new infostealer has leveraged features from notorious malware strains such as Raccoon, Vidar, RedLine, and Mars. Hence, the Stealc infostealer includes legitimate third-party DLLs and identical command-and-control communications.
The Stealc infostealer is a mix of all the popular features of already-established malware products, which makes it a perfect choice for different cybercriminals. Its developer is also constantly releasing updates and bug fixes that increase the usage of the malware.
Experts believe that this new sophisticated infostealer could become a massive threat soon. Organisations should now be ready to implement robust security controls with multi-layered visibility and security solutions to mitigate or stop the attacks of such information stealers.