
Topic: [Warning]: New Mystic Stealer targets 40 web browsers and crypto wallets (Read 267 times)

hero member
Activity: 1344
Merit: 540
Targeted Cryptocurrency Applications represent a mixture of closed and open source wallets, which means that the target is not cryptocurrency wallets, but the operating system. Your use of the Linux operating system will reduce these risks a lot. Do not install applications from unknown sources, random clicking on links and similar tips are still good solutions for such viruses, but I think that antivirus services prepare such lists of wallets to give fragmented solutions and thus higher returns for them.

Yes, but the thing is not everyone is fond of using a Unix or Linux flavor as an OS because it's not user friendly like Windows.

So most likely this is the target audience of this stealer and for us crypto users, very hard to really get away of not using Windows. And with that, we really need to be very careful as others have said. Clicking links or even downloading is not a safe practice.

Always go with the official website if we want to download something.
hero member
Activity: 2632
Merit: 833
It's obvious that these are cracked software from Warez and most likely it might contain some form of malware.

Same for Torrents, you might not be aware but these criminals can attach malware too to the movies or anything that you downloaded.

So the moral of the story is that you shouldn't download from unknown sites, simple as that.
Can it be applied with GIFs?

I remembered I read that GIFs can be used to attach malware and those GIF files can infect our devices too. That writer recommends that we should limit ourselves in using GIFs. Like in Telegram, we should turn off automatic download features to avoid potential threats.

How to stop Telegram Auto-download

Yes, I think GIFs too can be attached and put a malware by these criminals. Like in this report: Hackers can now sneak malware into the GIFs you share. So no one is safe, everybody should do their due diligence right now. You can't just open anything in the web without our crypto not compromised as it is not the top target of criminals as it is easy to hide once they stole our crypto as transactions are irreversible.
full member
Activity: 434
Merit: 141
Targeted Cryptocurrency Applications represent a mixture of closed and open source wallets, which means that the target is not cryptocurrency wallets, but the operating system.
When they successfully infect your computer, they can collect many types of data and can analyze data they steal from your devices to do further steps. Like stealing your online accounts, your exchange accounts or accessing your cryptocurrency wallets and moving your coins and tokens.

They can do it instantly with your compromised cryptocurrency wallets or they can simply note it down, add it to their real time tracker tools and wait till a day your wallets have a big IN transaction then they will steal that big amount.

Quote
Your use of the Linux operating system will reduce these risks a lot. Do not install applications from unknown sources, random clicking on links and similar tips are still good solutions for such viruses, but I think that antivirus services prepare such lists of wallets to give fragmented solutions and thus higher returns for them.
Linux is less targeted by hackers than Windows and it is better to use if you are using a cryptocurrency wallet.
Linux Mint https://linuxmint.com/

Even if you use Linux, don't do everything, install many software on a computer you store your wallets. Having air-gapped wallets to store your cryptocurrency is best on whatever operating system.
hero member
Activity: 406
Merit: 443
Targeted Cryptocurrency Applications represent a mixture of closed and open source wallets, which means that the target is not cryptocurrency wallets, but the operating system. Your use of the Linux operating system will reduce these risks a lot. Do not install applications from unknown sources, random clicking on links and similar tips are still good solutions for such viruses, but I think that antivirus services prepare such lists of wallets to give fragmented solutions and thus higher returns for them.
sr. member
Activity: 1400
Merit: 268
Just read the link provided by OP at the bottom here https://inquest.net/blog/2023/06/15/mystic-stealer-new-kid-block.

I tried to find how to spot if my system is compromised, but there is no easy way to detect that. Usually we can spot a malware by its process name in the 'Task Manager' (on Windows) or Activity Monitor (for Mac). But in the article there is no way to do such a thing to spot the malware, the only thing to do was trace the network route, whether or not our browser sends some data to a certain server, which might be just a few easy steps for some people, but for someone who is not too savvy with networking that will be quite tricky to do.
full member
Activity: 434
Merit: 141
It's obvious that these are cracked software from Warez and most likely it might contain some form of malware.

Same for Torrents, you might not be aware but these criminals can attach malware too to the movies or anything that you downloaded.

So the moral of the story is that you shouldn't download from unknown sites, simple as that.
Can it be applied with GIFs?

I remembered I read that GIFs can be used to attach malware and those GIF files can infect our devices too. That writer recommends that we should limit ourselves in using GIFs. Like in Telegram, we should turn off automatic download features to avoid potential threats.

How to stop Telegram Auto-download
full member
Activity: 280
Merit: 114
That's why having an updated AV is always a good to go. Always scan every file you downloaded from torrent, movies or software/apps. But the best thing is to separate your personal own computer to only wallet activity, expensive but it's better safe than never.

I actually did the same. I have two laptops, one for sample use including downloading, browsing purpose while other just for performing crypto related task. I did not install any third party software in crypto laptop and so far I am saved. Sample use laptop where I installed many third party software are full of malware (keyboard hacked). I will recommend smart phone for transaction which is still safe.
hero member
Activity: 1554
Merit: 880
That's why having an updated AV is always a good to go. Always scan every file you downloaded from torrent, movies or software/apps. But the best thing is to separate your personal own computer to only wallet activity, expensive but it's better safe than never.
hero member
Activity: 1414
Merit: 542
Mode of infection is always the same, cracked software, torrents and warez, unsolicited emails.

So again, just a reminder to everyone just to be careful of anything you download in the web as it may contain malware and might be too late once our crypto wallets have been drained.

Could you explain more about security risk from Torrents and Warez?


It's obvious that these are cracked software from Warez and most likely it might contain some form of malware.

Same for Torrents, you might not be aware but these criminals can attach malware too to the movies or anything that you downloaded.

So the moral of the story is that you shouldn't download from unknown sites, simple as that.
legendary
Activity: 1890
Merit: 1537
Hacking and scamming are at an all-time high and they will go higher, awareness of the risk on every file you encounter is more important than ever, it is not ok to rely everything on anti-virus and anti-malware.

Now more than ever we have to upgrade our knowledge about security, hackers are working 24/7 to devise a scheme to hack as many computers as possible because they know every computer is a potential keeper of cryptocurrency.
I completely agree with you. There are Trojans that are encrypted professionally, as they do not appear to anti-virus programs as viruses. We should not rely on anti-virus programs, no matter how powerful they are, as they can only protect our devices by 50%, but the remaining 50% depends on us to immunize our devices to avoid downloading cracks and unknown programs from YouTube and unknown sites and stores, there are a lot of scam web extensions for wallets, fake phone applications and phishing domains, they target everything that investors and traders use in the crypto space a lot, also two-factor authentication should always be activated in all our accounts and wallets and its application should be on a separate phone or computer, and we should not save passwords in any browser, credit card information, or any sensitive information because if the device is hacked, the browser data will be in the hands of the fraudster on a plate of gold.
hero member
Activity: 2996
Merit: 598
Every click matters now more than ever. A single error could cost us our entire wallet.

Hacking and scamming are at an all-time high and they will go higher, awareness of the risk on every file you encounter is more important than ever, it is not ok to rely everything on anti-virus and anti-malware.

Now more than ever we have to upgrade our knowledge about security, hackers are working 24/7 to devise a scheme to hack as many computers as possible because they know every computer is a potential keeper of cryptocurrency.


 
legendary
Activity: 3080
Merit: 1353
Thanks for the heads up! The online space is now becoming a more dangerous water to tread. Utmost vigilance is needed more than ever. It's clear malware is fast developing. It's worrisome reading this new kid on the block especially knowing that the development of this one has a "focus on anti-analysis and defense evasion." I'm afraid this might not easily be detected by weaker anti-virus.

Every click matters now more than ever. A single error could cost us our entire wallet.

I agree, and every year the attack is getting bolder from these cyber criminals and it's really hard to detect this malware. That's why we really need to be vigilant in these times. I mean we don't want to lose our money just like that because we have worked hard for that.

Majority of us are doing DCA month after month so going to be very difficult to see that one day everything is gone because those hackers were able to install their malware on our machines. So the burden is upon us to be very careful of links or any source of malware (like downloading from unknown and not secure sites).
full member
Activity: 434
Merit: 141
Mode of infection is always the same, cracked software, torrents and warez, unsolicited emails.

So again, just a reminder to everyone just to be careful of anything you download in the web as it may contain malware and might be too late once our crypto wallets have been drained.
People must be more careful, security-wise practice if they have cryptocurrency accounts, cryptocurrency wallets on their devices.

Cracked software, unsafe.
Unsolicited emails, unsafe.
Personal messages on Telegram, Discord, Whatsapp from strangers, unsafe.
Never click on links from anyone especially if those links sent by strangers.

Could you explain more about security risk from Torrents and Warez?

How about big files from Google Drive? Google Drive will warn us that a file is too big and they can not scan for viruses for us.
legendary
Activity: 2576
Merit: 1860
Thanks for the heads up! The online space is now becoming a more dangerous water to tread. Utmost vigilance is needed more than ever. It's clear malware is fast developing. It's worrisome reading this new kid on the block especially knowing that the development of this one has a "focus on anti-analysis and defense evasion." I'm afraid this might not easily be detected by weaker anti-virus.

Every click matters now more than ever. A single error could cost us our entire wallet.
hero member
Activity: 2632
Merit: 833
Mode of infection is always the same, cracked software, torrents and warez, unsolicited emails.
Mode of infection is wInD0ws OS first, then everything else.
This is almost impossible to happen on Linux or Mac OS, and it's not only because they are safer but because it's easier for hackers to target win users.
There are 99% less malware on good Linux OS and most of the stuff can be installed, including everything Bitcoin related.

Yeah, if we are talking about the lesser evil here, then Linux or Mac OS is good. In the last couple of years I switched to Mac OS and I'm happy to do that.

Because we all know how Windows OS sucks and then if we involved ourselves in crypto, we just don't know. Even if we think we are safe and practice safe hygiene, there could still be some loopholes in Windows that these cyber criminals are going to take advantage of to inflict malware and then target our crypto wallets.
legendary
Activity: 2212
Merit: 7064
Mode of infection is always the same, cracked software, torrents and warez, unsolicited emails.
Mode of infection is wInD0ws OS first, then everything else.
This is almost impossible to happen on Linux or Mac OS, and it's not only because they are safer but because it's easier for hackers to target win users.
There are 99% less malware on good Linux OS and most of the stuff can be installed, including everything Bitcoin related.
legendary
Activity: 2072
Merit: 4265
✿♥‿♥✿
I am not a technical person even though I am a student of computer sciences, but

You should have been a little more careful and followed the link in the article in red. All the explanations are written there, including how exactly the same Stealer can steal information from browser add-ons and how to extract passwords.

Quote
The approach used by Mystic Stealer is similar to what was reported for Arkei Stealer.
https://blogs.blackberry.com/en/2022/02/threat-thursday-arkei-infostealer


But you don't even need to be a technical expert to understand that this and other similar viruses attack Windows users.



And again, as a repetition of the past, I can give good advice about using and learning the Linux system.

hero member
Activity: 3136
Merit: 591
Thanks for the share.
I do download a few extensions but good thing that most of them are not related to crypto. I see that an authenticator is targeted and that's Authy. I think those that are using this authenticator much better download the app version and not the extension one.
Just to be sure that there are apps and extensions that are convenient but if you've seen a report like this, you gotta switch quickly.
full member
Activity: 756
Merit: 133
- hello doctor who box
Downloading applications, email links, sms or chatting is easy to spread the virus. However, sometimes someone accidentally clicks on an ad on a website, which in fact takes us to a dangerous website and contains a malware. Generally this happens for those who don't feel the need to use antivirus and ad blockers. For those who are hunting for airdrops, faucets, this often appears as a dangerous website from these advertisements, this can also trigger a virus.

It is basically the people who download from unauthorized sites and cracks from the internet. You can avoid ads by not clicking them but when you go to a scam website or download some cracked software from the internet you have to turn off the antivirus and that is what scammers want. I have a habit of downloading pirated games and software, now I am well aware of the situation and avoid doing the stuff on my main device.
legendary
Activity: 2324
Merit: 1604
hmph..
-snip-
I basically do download apps from google store but these days, no one can tell the original from the fake anymore as the duplicates are almost similar with no difference. Downloading apps and browser extension these days are not safe anymore if not from a recommended source.
-snip

Downloading applications, email links, sms or chatting is easy to spread the virus. However, sometimes someone accidentally clicks on an ad on a website, which in fact takes us to a dangerous website and contains a malware. Generally this happens for those who don't feel the need to use antivirus and ad blockers. For those who are hunting for airdrops, faucets, this often appears as a dangerous website from these advertisements, this can also trigger a virus.