A new information stealer called Stealc that’s being advertised on the dark web could emerge as a worthy competitor to other malware of its ilk.
“The threat actor presents Stealc as a fully featured and ready-to-use stealer, whose development relied on Vidar, Raccoon, Mars, and RedLine stealers,” SEKOIA said in a Monday report.
The French cybersecurity company said it discovered more than 40 Stealc samples distributed in the wild and 35 active command-and-control (C2) servers, suggesting that the malware is already gaining traction among criminal groups.
Stealc, first marketed by an actor named Plymouth on the XSS and BHF Russian-speaking underground forums on January 9, 2023, is written in C and comes with capabilities to steal data from web browsers, crypto wallets, email clients, and messaging apps.
The malware-as-a-service (MaaS) offering also boasts a “customizable” file grabber that allows its buyers to tailor the module…