216.73.217.19

Arkanix Stealer targets a variety of data, offers a MaaS referral program

· Published 19/02/2026 11:10 · Modified 19/02/2026 12:42

Export JSON

Essential information

Published
19/02/2026 11:10
Modified
19/02/2026 12:42
Tags
2026-02-19 arkanix stealer browser data theft c++ chromelevator cryptocurrency gaming infostealer maas python
Related entities
10 observables, 12 techniques (mitre), 2 malware, 2 others

Description

, a newly discovered malware operating under a Malware-as-a-Service model, targets a wide range of user data including cryptocurrencies, , and online banking information. The stealer, available in both and C++ versions, offers configurable features and employs various techniques to evade detection. It can extract data from multiple browsers, VPNs, and platforms, as well as capture screenshots and RDP connection details. The malware authors promoted their product through a Discord server and implemented a referral program to attract customers. The campaign appears to have been short-lived, with infrastructure taken down around December 2025.

External references