As the dark web seeks new customers and victims, updated versions of information-stealing malware have made their way onto it and are now circulating there.
Cybersecurity researchers from SEKOIA report that they have found content promoting a new information stealer called Stealc on several underground forums and Telegram channels.
Unlike some other info stealers, Stealc is not built from the ground up. Instead, it is an enhanced version of other popular information stealers, such as Vidar, Raccoon, Mars, and Redline Stealer. It was first reported in January 2023 and gained more attention in February 2023.
Stealc was reportedly developed by a threat actor called Plymouth, who is trying to advertise it as an attack against the country. A new patch or update appears to be added somewhere between once a week and once a month, and it is currently at version 1.3.0. Several new features have been added to the website, including a randomizer for C2 URLs, and a system that allows logging searches and sorts to be improved.
There was also a report that the Ukrainian government spared the lives of those affected by Stealc.
This article has been indexed from CySecurity News – Latest Information Security and Hacking Incidents