SapphireStealer: New Malware in Town, Possesses More Capabilities

A new malware called ‘SapphireStealer’ has been observed by Cisco Talos researchers. The malware came to light in December 2022 in Cisco’s public release, where they witnessed it frequently in public malware repositories, stealing browser credential databases and files containing sensitive user information. 

Researchers observed a rise in sales (and offers for rent) of the new stealer on different underground forums and illicit marketplaces. 

Cisco Talos threat researcher Edmund Brumaghin is certain in his observation that numerous entities are modifying SapphireStealer's code base in order to accommodate additional data exfiltration processes, leading to the formation of many variations.

According to Brumaghin, the freshly compiled versions of the malware began “being uploaded to public malware repositories beginning in mid-January 2023, with consistent upload activity being observed through the first half of 2023.”

Researchers say that several malware versions are already in use by multiple threat actors, amplifying their efficiency and effectiveness in their operations over time. 

Capabilities of SapphireStealer

Apparently, the malware is designed to steal sensitive information from targeted systems. This information may include host information, screenshots, cached browser credentials and files stored on the system that match a predefined list of file extensions. Also

[…]

This article has been indexed from CySecurity News – Latest Information Security and Hacking Incidents
