Another variant of crypto stealers has been discovered lately, called Statc Stealer. It is defined as a sophisticated malware that targets Windows OS for now and steals sensitive information, including web browser, crypto wallet and other social media platform passwords. It is so sophisticated that it was developed using C++ and so has evasion skills and sandbox detection.
Mode of infection:
The Zscaler ThreatLabz team recently discovered Statc Stealer. This malicious software gains access to a victim’s data by appearing like an authentic Google advertisement. Once the victim clicks on the advertisement, their operating system is infected with malicious code that steals sensitive data like credentials from web browsers, credit card information, and cryptocurrency wallet details. Unauthorized access to a victim’s computer system can have enormous personal and professional repercussions. Victims become easy targets for identity theft, cryptojacking, and other forms of malware attacks. At the enterprise level, a Statc Stealer breach can result in financial loss, reputational damage, legal liabilities, and regulatory penalties.
Attack Chain:
So once you download it onto your system, it will steal every piece of information that it can find and then send it to a command and control server. So they will have total control of your system then.
Targeted Browsers:
- Chrome
- Microsoft Edge
- Brave
- Opera
- Yandex
- Mozilla Firefox
Stealing auto-fill data:
- Usernames and passwords
- Email
- Credit card details
- Personal addresses
- Payment information
Crypto related wallets:
- Cryptocom-Wallet
- Petra-aptos-wallet
- exodus-web3-wallet
- bitkeep-crypto-nft-wallet
- liquality-wallet
- ethos-sui-wallet
- suite-sui-wallet
- tallsman-polkadot-wallet
- Enkrypt-ethereum-polkadot
- leap-cosmos-wallet
- pontem-aptos-wallet
- fewcha-move-wallet
- rise-aptos-wallet
- teleport-wallet
- martin-wallet-aptos-sui
- avana-wallet-solana-wallet
- glow-solana-wallet-beta
- solflare-wallet
https://www.zscaler.com/blogs/security-research/statc-stealer-decoding-elusive-malware-threat
So we should really be careful of what we click and download on the net right now, especially if we are using the same PC or laptop for our crypto-related activities, including wallet software, as we might be the next victim of this kind of malware.
This is why you just allow an application to automatically run and install on your system; a decent antivirus is really needed. When I started going to a computer shop, almost all of their computers were infected with viruses. They had antivirus, but since they allowed the application to run and allowed it, the antivirus couldn't do anything about it since it had already been bypassed.
Having an antivirus is a must for computers that are used for crypto; making the settings sensitive to running applications is also necessary. I saw other people who disabled their antivirus to be able to run an application, without knowing what they were running in the first place.
Windows users are most prone to these types of attacks; that is why hackers target Windows users.
The best advice I can give to those people who keep making mistakes is: don't click anything you don't know, because once they are inside there is no turning back, even if you have a backup, since these malwares were designed to take over and steal anything on your computer and send it to their server.