HQ/EMEAFind out how we can help your business
A recently discovered malware, Myth Stealer, targets unwary users through misleading game downloads. Engineered in the Rust programming language, this malware is specifically crafted to extract sensitive personal information.
Security analysts indicate that the malware is propagated through counterfeit gaming websites that lure users into downloading harmful files masquerading as legitimate games or applications. Once activated, the malware projects a fake application window to simulate a genuine program, all the while executing harmful code behind the scenes.
The malware first appeared in December 2024, initially offered for free on Telegram during its development phase. It has since progressed into a comprehensive malware-as-a-service (MaaS) platform capable of pilfering browser data like passwords, cookies, and autofill details from popular browsers, including Chrome, Firefox, Edge, Brave, and Opera.
Telegram is the primary vector for the propagation of the Myth Stealer.
The creators of Myth Stealer used Telegram channels to advertise their products, sell stolen account credentials, and showcase user testimonials. The platform has now removed these channels.
Further probes uncovered that the malware is being spread through fraudulent Blogger websites promoting pirated or counterfeit video games. One such site had previously distributed another malware variant, AgeoStealer.
Another distribution method involves cracked versions of cheating software for online games. An example is a program called DDrace, which surfaced on a gaming forum and was used to deliver a harmful payload.
Upon installation, the malware displays a setup screen to distract users while the real attack occurs in the background. It operates through a 64-bit DLL file and can terminate browser processes to extract user information. The stolen data is subsequently exfiltrated to remote servers or sent via Discord webhooks.
Engineered with evasion tactics in mind, Myth Stealer employs sophisticated techniques like string obfuscation and system environment checks to elude detection. Its developers continually refine the malware by integrating screen capture and clipboard hijacking features.
Myth Stealer is part of a wider trend of malware distributed through gaming-related content. Therefore, the public, especially gaming enthusiasts, should be cautious about downloading games from unverified and unsafe sources to avoid unwanted compromises planned by threat actors.
