02-02-2022 , 05:50 AM
A new and powerful malware named ‘Mars Stealer’ has appeared in the wild, and appears to be a redesign of the Oski malware that shut down development abruptly in the summer of 2020.
Mars Stealer is an information-stealing malware that steals data from all popular web browsers, two-factor authentication plugins, and multiple cryptocurrency extensions and wallets.
Additionally, the malware can exfiltrate files from the infected system and relies on its own loader and wiper, which minimizes the infection footprint.
From Oski to Mars Stealer
In July 2020, the developers behind the Oski information-stealing trojan suddenly shut down their operation after no longer responding to buyers and the closing of their Telegram channel.
Fast forward almost a year later, and a new information-stealing malware called 'Mars Stealer' began to be promoted on Russian-speaking hacking forums.
Source https://www.bleepingcomputer.com/news/se...nd-crypto/
Mars Stealer is an information-stealing malware that steals data from all popular web browsers, two-factor authentication plugins, and multiple cryptocurrency extensions and wallets.
Additionally, the malware can exfiltrate files from the infected system and relies on its own loader and wiper, which minimizes the infection footprint.
From Oski to Mars Stealer
In July 2020, the developers behind the Oski information-stealing trojan suddenly shut down their operation after no longer responding to buyers and the closing of their Telegram channel.
Fast forward almost a year later, and a new information-stealing malware called 'Mars Stealer' began to be promoted on Russian-speaking hacking forums.
Source https://www.bleepingcomputer.com/news/se...nd-crypto/