216.73.217.86

Ailurophile: G DATA has sighted a new info stealer in the wild

· Published 19/08/2024 13:39 · Modified 19/08/2024 13:59

Export JSON

Essential information

Published
19/08/2024 13:39
Modified
19/08/2024 13:59
Tags
2024-08-19 ailurophile stealer credential-theft cryptocurrency theft exfiltration infostealer stealer
Related entities
2 observables, 10 techniques (mitre), 1 malware

Description

G DATA has detected a novel information-stealing malware, dubbed ''. It is a PHP-based offered through a subscription model on its dedicated website. Customers utilize a web panel to generate customized malware variants, specifying features such as the malware name, icon, Telegram notification channel, and optional payload delivery. The targets popular browsers and can pilfer autofill data, cookies, passwords, browsing history, credit card details, and cryptocurrency wallet information. It employs commercial virtualization software for execution and steals specific file types containing keywords suggestive of sensitive data. The malware has different components for various functionalities like process termination, data collection, and optional payload delivery with Windows Defender disabling capability.

External references