The recent emergence of Bandit Stealer is a stark reminder of the growing threat posed by information-stealing malware. It can target multiple web browsers and cryptocurrency wallets, and its compatibility with different platforms makes it particularly worrisome. It has been observed using the legitimate runas.exe command-line tool to gain access to Windows systems and bypass security measures. It can also establish persistence on the system, collect data from web browsers and crypto wallets, and evade detection by terminating blocklisted processes. Bandit Stealer is spread via phishing emails and fake Heart Sender installers. Other stealers, such as Luca, StrelaStealer, DarkCloud, WhiteSnake, and Invicta Stealer, are also being propagated through spam emails and fraudulent versions of popular software.
The data collected by stealers can be used for various malicious purposes, such as identity theft, financial gain, data breaches, credential stuffing attacks, and account takeovers. Secureworks Counter Threat Unit (CTU) has observed a 670% increase in the number of stolen logs on underground forums like Russian Market between June 2021 and May 2023. The malware-as-a-service (MaaS) ecosystem is constantly evolving, with threat actors now peddling their warez on Telegram due to law enforcement actions. It is therefore essential for users to stay alert and take the necessary security measures to protect themselves from this growing threat.
Source: Hackernews
To mitigate potential threats, it is important to implement additional cybersecurity measures with the help of a trusted partner like INFRA (www.infrascan.net), or you can try it yourself using check.website.