The cybersecurity world is buzzing with the discovery of a new malware called “The Meduza Stealer” that is specifically targeting Windows users with advanced data theft tactics. The Uptycs Threat Research team uncovered this new threat while monitoring dark web forums and Telegram channels, shedding light on its capabilities in a recent advisory.
Crafted by an enigmatic actor known as ‘Meduza,’ this malware is tailor-made to target Windows users and organizations, with only a select group of countries excluded from its reach. The primary goal of the Meduza Stealer is to pilfer data, particularly from browsers, including login credentials, browsing history and bookmarks, as well as the sensitive data held by browser extensions such as crypto wallets, password managers, and two-factor authentication (2FA) tools.
Moreover, the Meduza Stealer has the ability to gather various system-related information from infected devices, such as system build, computer name, CPU specifications, execution path, geographical location, GPU details, hardware ID information, public IP address, operating system specifics, RAM details, screen resolution, screenshots, timestamp, time zone, and usernames.
Uptycs revealed that their communication with the malware’s administrator indicated a focus solely on data theft, with no involvement in ransom activities. The malware is actively developed and keeps gaining new features, including a geofence that halts execution on machines located in the excluded countries and a check that aborts the run if the attacker’s server is unreachable. Both gates also limit what a sandbox will see: a sample detonated in an excluded locale, or without a path to its server, simply exits before stealing anything, making it a potent and stealthy cybersecurity threat.
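The two execution gates described above, modelled as an added illustration that is not Meduza’s code and is not taken from the Uptycs advisory. The country list, the C2 address and the fake connection helpers are constructed for the example; the point is to show why a detonation environment that presents an excluded locale, or that cannot complete a connection to the server, will report no stealing activity at all.

```python
"""
Generic model of a stealer's pre-execution gates (added example, not the
malware's own code): bail out in an excluded country, bail out if the
command-and-control server cannot be reached. Also includes the defender's
view of the same checks, listing what a sandbox must change to get past them.
"""
import socket
from dataclasses import dataclass

# Constructed exclusion list; the article names no specific countries.
EXCLUDED_COUNTRIES = {"AA", "BB"}


@dataclass
class HostProfile:
    country_code: str   # ISO-style code, e.g. from the locale or a geo-IP lookup
    c2_host: str        # constructed server address
    c2_port: int


class _FakeConn:
    """Stand-in for a socket so the demo runs offline."""
    def __enter__(self):
        return self

    def __exit__(self, *exc):
        return False


def fake_connect_ok(address, timeout=None):
    """Simulates a server that accepts the connection."""
    return _FakeConn()


def fake_connect_refused(address, timeout=None):
    """Simulates a server that is down or blocked (ConnectionRefusedError is an OSError)."""
    raise ConnectionRefusedError(f"simulated refusal for {address}")


def c2_reachable(host, port, timeout=2.0, connect=socket.create_connection):
    """True if a TCP connection to host:port can be completed within timeout."""
    try:
        with connect((host, port), timeout=timeout):
            return True
    except OSError:
        return False


def execution_gate(profile, connect=socket.create_connection):
    """Malware-side logic: return (proceed, reason) for the two gates in order."""
    if profile.country_code.upper() in EXCLUDED_COUNTRIES:
        return False, "excluded-country"
    if not c2_reachable(profile.c2_host, profile.c2_port, connect=connect):
        return False, "c2-unreachable"
    return True, "proceed"


def sandbox_findings(profile, connect=socket.create_connection):
    """Defender-side view: what the detonation environment must change before
    the sample would get past the gates and reveal its stealing behaviour."""
    findings = []
    if profile.country_code.upper() in EXCLUDED_COUNTRIES:
        findings.append("locale is on the exclusion list: present a non-excluded locale")
    if not c2_reachable(profile.c2_host, profile.c2_port, connect=connect):
        findings.append("server unreachable: allow egress or sinkhole the address so the connect succeeds")
    return findings


if __name__ == "__main__":
    # Offline demo using the fake connectors; a real run would use socket.create_connection.
    for code, connect in (("AA", fake_connect_ok), ("US", fake_connect_refused), ("US", fake_connect_ok)):
        profile = HostProfile(code, "c2.example", 443)
        print(code, connect.__name__, execution_gate(profile, connect=connect),
              sandbox_findings(profile, connect=connect))
```

Running the demo shows the practical consequence for analysts: the excluded-locale sample never attempts the network at all, and the isolated-sandbox sample exits at the second gate, so neither run produces the browser or wallet access that signature-based detonation reports rely on.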
The Meduza Stealer is primarily marketed and distributed through dark web forums and Telegram channels, where potential cyber-criminals can access and deploy the malware. The administrator behind the malware actively engages with interested parties, highlighting its features and capabilities while restricting distribution to specific countries.
The potential consequences of the Meduza Stealer are dire, including financial losses and large-scale data breaches for affected individuals and organizations if left unchecked. While no specific attacks have been attributed to Meduza yet, the risks it poses should not be underestimated.
In a similar vein, FortiGuard Labs recently uncovered a separate infostealer called ThirdEye targeting Windows users, adding to the growing list of cybersecurity threats facing Windows users. Stay vigilant and ensure your systems are protected against these evolving threats to safeguard your data and privacy.