Get all your news in one place.
100’s of premium titles.
One app.
Start reading
TechRadar
TechRadar
Craig Hale

This new malware is proving quite popular... and dangerous

Malware Magnifying Glass

A new stealer malware is on the rise, designed to obtain user credentials to help attackers penetrate specific environments and obtain other information of financial value.

The strain, which is being referred to as Mystic Stealer, has been explored in detail jointly by Zscaler and InQuest, following a surge in cases since April 2023 and the alarming extent of its reach.

According to the reports, Mystic steals credentials from almost 40 web browsers (including Chrome, Edge, Firefox, and Opera, but not Safari) and over 70 browser extensions (including Coinbase Wallet, Dashlane, and LastPass).

Internet users warned of Mystic Stealer malware

The researchers at Zscaler and InQuest liken the stealer to most others in the way that it pillages autofill data, browsing history, arbitrary files, and cookies. It’s also been designed to collect computer information, such as system hostname, user name, and GUID.

Most alarming is this variant’s ability to obtain information related to cryptocurrency wallets, which have become increasingly popular in recent years.

The analysis details how Mystic Stealer collects and exfiltrates information to the command and control server, which then handles parsing, instead of extracting credentials locally on the victim’s device. 

The cybersecurity firms responsible for the article believe this is in an effort to “keep the size of the stealer binary smaller and the intention less clear to file analyzers.”

Overall, the conclusion is that Mystic Stealer is “looking to produce a stealer on par with the current trends of the malware space while attempting to focus on anti-analysis and defense evasion.”

Predicting the trajectory of the stealer is impossible, however analysts are apparently concerned about its sophistication at such a young age, thus the scope for widespread damage is noted. 

The usual cybersecurity protection steps apply, and those who suspect they may have been the victim of an attack should consider installing malware removal software.

Sign up to read this article
Read news from 100’s of titles, curated specifically for you.
Already a member? Sign in here
Related Stories
Top stories on inkl right now
One subscription that gives you access to news from hundreds of sites
Already a member? Sign in here
Our Picks
Fourteen days free
Download the app
One app. One membership.
100+ trusted global sources.