Cybercriminals are trying to distribute new information-stealing malware by presenting it as gaming cheats and hacks.
According to cybersecurity researchers from Cluster25, the malware, dubbed “Erbium”, is a malware-as-a-service, meaning whoever pays the monthly fee, gets to use all of its features.
Right now, the tool is being distributed as a game crack, but that could change at any time, should another threat actor rent it out, or go after a different type of victim.
Cheaper than RedLine Stealer
When it comes to features and prices, Erbium is similar to the infamous RedLine Stealer in its abilities, but is available for a fraction of its cost.
The researchers are saying it can steal information stored in popular browsers (passwords, cookies, payment data, autofill information, etc.), data from cryptocurrency wallets (Atomic, Exodus, Electrum, and many others), two-factor authentication codes from a number of tools (Trezor Password Manager, EOS Authenticator, Authy 2FA, Authenticator 2FA), as well as grab screenshots, take Steam and Discord tokens, and Telegram authentication files.
At the same time, it is quite cheaper than RedLine, reprotedly only costing $100 for a monthly subscription, or $1,000 for a yearly license. While this still might sound like a lot, it costs roughly a third of what RedLine charges, and it is also worth mentioning that the price of Erbium rose from $9, signaling not only strong demand but also its rising popularity.
The hacking community has also praised Erbium’s creators for all their hard work and the fact that they’re listening to and implementing the community’s feedback.
Speaking of the creators, Cluster25 did not determine who the authors are, but did find Erbium being promoted on Russian-speaking forums this past summer.
At the same time, endpoints in the US, France, Colombia, Spain, Italy, India, Vietnam, and Malaysia, were found compromised.
- Here's our rundown of the best firewalls right now
Via: BleepingComputer
from TechRadar - All the latest technology news https://ift.tt/Qz5LCSP
No comments:
Post a Comment