Cybersecurity researchers at CYFIRMA recently found that hackers are actively using "Mystic Stealer," a new information stealer.
Threat actors are reportedly advertising the stealer on an underground forum, and they use a Telegram channel for their operations.
More than 50 active C2 servers were detected during the OSINT investigation, a count that shows how rapidly this threat is growing and how common it is becoming.
Mystic Stealer first appeared on well-known underground forums in late April 2023.
The info-stealer attracted considerable attention by advertising the following key features:-
Over time, the information stealer was shared with skilled forum members so they could try it.
They tested it, confirmed it worked well, and also gave useful suggestions to its developers for making it even better.
The threat actors carefully integrated these recommendations into the stealer, leading to continuous updates and enhancements.
Using code manipulation techniques to outsmart most antivirus products, Mystic Stealer achieves a low detection rate according to AV checks.
The subscription charges for Mystic Stealer are as follows:-
The malware can target all Windows versions and is compatible with both x86 and x64 platforms.
The Windows versions that could be targeted are as follows:-
To avoid detection, researchers said, it operates within the computer's memory and exploits system calls to compromise targets, so that no evidence is left on the hard drive while it steals data.
The malware is designed to operate independently, without needing external libraries, and for improved performance, it includes its own custom browser database parser.
The capabilities of Mystic Stealer are as follows:-
Mystic Stealer mainly targets companies that handle sensitive data, such as:-
Mystic Stealer might focus on industries like healthcare, finance, and technology because of the significant value associated with the data they hold.
Mystic Stealer also targets users who are actively involved in cryptocurrency transactions.
The recommendations are as follows:-