A new information stealer called Stealc has recently emerged on the dark web, gaining traction due to its aggressive promotion of stealing capabilities and similarities with other malware like Vidar, Raccoon, Mars, and Redline. The malware was discovered by researchers at French cybersecurity company SEKOIA in January 2023.
According to SEKOIA, the threat actor behind Stealc presents it as a fully featured and ready-to-use stealer, whose development relied on Vidar, Raccoon, Mars, and RedLine stealers. This is a worrying development for cybersecurity experts, as Stealc could potentially emerge as a worthy competitor to other malware of its ilk.
Capabilities and Modus Operandi of Stealc
Stealc is a powerful information stealer that can perform a wide variety of attacks, including:
- Stealing browser data: Stealc can steal data from various web browsers, including Chrome, Firefox, Opera, and Internet Explorer. This includes cookies, usernames, passwords, and credit card information.
- Stealing cryptocurrency wallets: Stealc can steal desktop cryptocurrency wallets and browser extensions for cryptocurrency wallets.
- Screen capture: Stealc can take screenshots of the victim’s desktop, providing a glimpse of what the victim is doing on their computer.
- Stealing system information: Stealc can steal information about the victim’s system, including the operating system, processor, and installed software.
- Stealing sensitive files: Stealc can steal sensitive files from the victim’s computer, including documents, spreadsheets, and presentations.
The threat actor behind Stealc, who goes by the moniker Plymouth, claims that Stealc supports a wide set of stealing capabilities, making it a powerful tool for cybercriminals.
Stealc is typically distributed through spam emails, malicious downloads, or compromised websites. Once installed, it creates a backdoor on the victim’s system, allowing the threat actor to access the victim’s data and perform various malicious actions.
How to Protect Yourself from Stealc
As with any malware, prevention is the best defense against Stealc. Here are some tips to protect yourself from Stealc:
- Keep your software up to date: Stealc often exploits vulnerabilities in outdated software to gain access to a victim’s system. Keeping your software up to date is a simple but effective way to protect yourself from Stealc and other malware.
- Use a reliable antivirus: A reliable antivirus can detect and remove Stealc and other malware from your system. Make sure to keep your antivirus software up to date.
- Be careful with email attachments: Stealc is often distributed through spam emails with malicious attachments. Be cautious of any email attachments you receive, especially if they come from unknown senders.
- Use two-factor authentication: Two-factor authentication adds an extra layer of security to your accounts, making it more difficult for Stealc and other malware to gain access to your data.
- Backup your data: Regularly backing up your data is a good practice, as it can help you recover your data in the event of a ransomware attack or data breach.
The Takeaway
Stealc is a new information stealer that has recently emerged on the dark web, gaining traction due to its aggressive promotion of stealing capabilities and similarities with other malware like Vidar, Raccoon, Mars, and Redline. It is a powerful tool for cybercriminals that can perform a wide variety of attacks, including stealing browser data, cryptocurrency wallets, and sensitive files. To protect yourself from Stealc, it is important to keep your software up to date, use a reliable antivirus, be careful with email attachments, use two-factor authentication, and backup your data.
