Warning: Styx - another crypto wallet stealer

taufik123

legendary

Activity: 2716

Merit: 1855

Rollbit.com | #1 Solana Casino

Quote from: lovesmayfamilis on September 02, 2024, 04:55:16 AM

Quote from: taufik123 on September 01, 2024, 07:53:39 PM

Use premium dual antivirus with better protection from all kinds of phishing attacks and Other Malicious links.
It must always be up-to-date for device security and not let your guard down in the slightest, I have always applied it to this day.

This stealer is currently being sold on the dark net for rent for only 75 bucks. It has improved protection from detection, and hackers have added the ability to replace the wallet number during a transaction. Previously, it penetrated systems when a hole was discovered in Windows Defender, that is, in the local Windows "antivirus Grin

." I will not say for sure, but I am afraid that it will also be able to bypass all other antivirus.

Who should worry? Windows users who do not bother updating the system or who use Windows without a license and therefore do not have normal updates.
-snip-

Yes that's a concern for all Windows users right now, but there's already an update for the Windows defender vulnerability and a few more updates related to some Exploit that happened to Ipv6 Users, Windows TCP/IP Remote Code Execution Vulnerability .

https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2024-38063

Windows users or other OS users should also be concerned about the security of the crypto wallet they are installing, I am also aware that some new loopholes may be found again. But I also need to be prepared with the security that I implement myself, Offline devices, No pirated apps and everything must be licensed.

Rustam Meraj

sr. member

Activity: 322

Merit: 260

Catalog Websites

Quote from: Pmalek on August 30, 2024, 07:54:29 AM

I am guessing that the software is capable of stealing browser passwords. People shouldn't save their passwords in browsers anyway. There have been password stealers capable of stealing this data for a decade now, in various forms. It's a good idea to have a separate computer for your crypto and/or financials and not engage with those activities on your every-day computer you use for browsing the internet. The cookie hijacking feature is a real threat. I wonder if 2FA protects against cookie hijacking?!

First of all you are right I also think it is bad idea to save passwords in browsers because they can be stolen easily. And it is surprising people still do it even though there have been many password stealing viruses in market. While using separate computer for important things like money and crypto is good idea. Cookie hijacking feature is very dangerous because it can get into accounts even with strong passwords. So it is very important to use extra security like special browser protection and anti virus software to stay safe online.

TravelMug

hero member

Activity: 2632

Merit: 833

Quote from: lovesmayfamilis on September 02, 2024, 04:55:16 AM

Quote from: taufik123 on September 01, 2024, 07:53:39 PM

Use premium dual antivirus with better protection from all kinds of phishing attacks and Other Malicious links.
It must always be up-to-date for device security and not let your guard down in the slightest, I have always applied it to this day.

This stealer is currently being sold on the dark net for rent for only 75 bucks. It has improved protection from detection, and hackers have added the ability to replace the wallet number during a transaction. Previously, it penetrated systems when a hole was discovered in Windows Defender, that is, in the local Windows "antivirus Grin

." I will not say for sure, but I am afraid that it will also be able to bypass all other antivirus.

Who should worry? Windows users who do not bother updating the system or who use Windows without a license and therefore do not have normal updates.

Linux on a clean device, separate from surfing the Internet for various topics, is the best choice. Although, with very careless work on Linux, the system also has no guarantees.

So far though, the exploits on Linux system is not on malware, but more on crypto mining.

But I do agree with your points on Microsoft, majority of us are using it and we have heard hackers was able to penetrate it easy. They even perform if the machine is on a sandbox, if they detect it, then they won't inflict the system.

Might be better for us then to move to Linux or any other flavored Unix based.

tabas

hero member

Activity: 3024

Merit: 745

Top Crypto Casino

Quote from: cryptoaddictchie on September 01, 2024, 09:24:04 PM

Quote from: tabas on September 01, 2024, 04:16:20 PM

I don't buy on the partnership anymore as these wallets can basically make some false promotion about how partnered they are with a known company. That's why it's still best to rely on one of the communities that we know and that's here because sets of these wallets have been scrutinized based on their codes.

Yeah but we should confirm if the partnership is legit and known by the other parties cause false promotions are common in web3. Yes you are right community knows best and those users feedback will gave us confidence about the specific wallet we are using if its good and safe from malware and potential threat.

I agree, if you insist on using that wallet with a partnership from a known company, it's always best to verify and confirm first like what we do mostly with the platforms that we're dealing with. And the effective old advice by most of us here is don't use an unfamiliar wallet and stick to the wallets that everyone uses. But even with that, the risk if you're not careful with the links, you might land on the wrong one so be aware at all times. Be wary of the links that are sent to each of us and DYOR.

lovesmayfamilis

legendary

Activity: 2072

Merit: 4265

✿♥‿♥✿

Quote from: taufik123 on September 01, 2024, 07:53:39 PM

Use premium dual antivirus with better protection from all kinds of phishing attacks and Other Malicious links.
It must always be up-to-date for device security and not let your guard down in the slightest, I have always applied it to this day.

This stealer is currently being sold on the dark net for rent for only 75 bucks. It has improved protection from detection, and hackers have added the ability to replace the wallet number during a transaction. Previously, it penetrated systems when a hole was discovered in Windows Defender, that is, in the local Windows "antivirus Grin

." I will not say for sure, but I am afraid that it will also be able to bypass all other antivirus.

Who should worry? Windows users who do not bother updating the system or who use Windows without a license and therefore do not have normal updates.

Linux on a clean device, separate from surfing the Internet for various topics, is the best choice. Although, with very careless work on Linux, the system also has no guarantees.

cryptoaddictchie

legendary

Activity: 2254

Merit: 1377

Fully Regulated Crypto Casino

Quote from: tabas on September 01, 2024, 04:16:20 PM

I don't buy on the partnership anymore as these wallets can basically make some false promotion about how partnered they are with a known company. That's why it's still best to rely on one of the communities that we know and that's here because sets of these wallets have been scrutinized based on their codes.

Yeah but we should confirm if the partnership is legit and known by the other parties cause false promotions are common in web3. Yes you are right community knows best and those users feedback will gave us confidence about the specific wallet we are using if its good and safe from malware and potential threat.

taufik123

legendary

Activity: 2716

Merit: 1855

Rollbit.com | #1 Solana Casino

Quote from: promise444c5 on August 31, 2024, 01:06:27 PM

-snip-
Thus what about the exchange users?fiat transactors and many more of financial transactions?... i will still say it will be the best idea to have a separate PC where those stuffs will be carried out only,

Having a spare PC can indeed be used, but if you don't have another PC or a device that is specifically designed to always be connected to the internet, it is necessary to increase the vigilance and security level of the device you have.

Use premium dual antivirus with better protection from all kinds of phishing attacks and Other Malicious links.
It must always be up-to-date for device security and not let your guard down in the slightest, I have always applied it to this day.

Quote from: BitMaxz on September 01, 2024, 05:35:26 PM

-snip-
Or switch to another OS Like Linux since most of the malware only affects Windows switching to Linux is way safer when it comes to accessing any site randomly compared to Windows OS.

Linux is a safe enough OS to avoid malware that usually attacks the Windows OS, but the use of Linux must also be done correctly because some wrong configurations can be a loophole for attacks that will enter the Linux system used, especially if there is an exploit that is not yet known and has not been updated.

Although the threat of malware is very small, other threats such as phishing links, social engineering and several other exploits need to be watched out for.
It is not about the Linux OS used, but the use must also be smart and know about the OS used. No system is completely secure.

BitMaxz

legendary

Activity: 3374

Merit: 3095

Playbet.io - Crypto Casino and Sportsbook

That is why having an offline wallet will make sure your wallet is far from this kind of malware it is likely a spyware that can monitor all activities you doing.
Switching to Brave browser and disabling pop ads and blocking any script it has a good tool to prevent you to access random website.

Or switch to another OS Like Linux since most of the malware only affects Windows switching to Linux is way safer when it comes to accessing any site randomly compared to Windows OS.

nakamura12

hero member

Activity: 2268

Merit: 669

Bitcoin Casino Est. 2013

Thank you for sharing this op. There are lot of malwares like this and that's why we need to be very careful on what we click when browsing. It's not that we have to click links all the time but there are times that we need to click a link but we need to be very careful with it and check if it's the correct link rather than just clicking it without checking that will only result in getting malware without our knowledge of getting it.

tabas

hero member

Activity: 3024

Merit: 745

Top Crypto Casino

Quote from: cryptoaddictchie on August 31, 2024, 08:03:12 AM

Quote from: tabas on August 31, 2024, 06:34:36 AM

These wallet stealers are in abundance and they're everywhere. The lesson here is not to be too hyperactive with so many wallets and use those wallets that you know mostly so you won't be misled to the wrong links that we are receiving through any channels from email, instant messages, or by any means that they want us to click any link.

Yeah only used wallet that are proven to be trusted and got so many users. Any wallet suggestion without much users is still scary to use whether it has some big partnership. We can only knew if a wallet that being promoted is secure once they have a lot of downloads and some users feedback regarding its efficiency and especially its security.

Thumbs up OP for a great find.

I don't buy on the partnership anymore as these wallets can basically make some false promotion about how partnered they are with a known company. That's why it's still best to rely on one of the communities that we know and that's here because sets of these wallets have been scrutinized based on their codes. Or it's best to check them out as you've said if they don't have that many users at all. I think with most of us here can basically avoid what are the sketchy ones and make it a practice not to click any links that are emailed or messaged to us if they are suspicious.

albon

legendary

Activity: 1890

Merit: 1537

Quote from: Kemarit on August 30, 2024, 05:43:24 AM

A new stealer has been discovered, and it seems a new version of Phemedrone Stealer, but it's more potent and it's capability is more adept that the original, and it is called, Styx Stealer. What makes it more powerful than it's predecessor Phemedrone Stealer[...]

So it means that this criminals are making money already with more than half a Bitcoin.

This is evidence that the Styx Stealer software that these scammers designed and sold for $350 for a lifetime license has been met with interest from unethical buyers who will use this tool to generate this malware that has high-risk improvements for use in digital espionage, fraud, and stealing sensitive data from cryptocurrency users. As these scammers succeed in victimizing others and illegally obtaining funds, the number of malwares will increase and spread widely. Therefore, these topics that discuss all the latest developments and tools of these scammers and the necessary protection methods from them will be important to increase awareness and caution. This financial sector, which we are currently involved in, is heavily targeted, and everyone must follow the necessary protection measures and keep their important data and cryptocurrencies in an offline state.

promise444c5

sr. member

Activity: 476

Merit: 299

Learning never stops!

Quote from: taufik123 on August 31, 2024, 10:58:00 AM

Quote from: Pmalek on August 30, 2024, 07:54:29 AM

I am guessing that the software is capable of stealing browser passwords. People shouldn't save their passwords in browsers anyway. There have been password stealers capable of stealing this data for a decade now, in various forms. It's a good idea to have a separate computer for your crypto and/or financials and not engage with those activities on your every-day computer you use for browsing the internet.

Having a separate computer or a device that is indeed specifically for free use of the internet and a device used to log in to a personal wallet is indeed necessary, because now many devices are easy to be infected with malware or fall into phishing traps so that they will install strange applications without the user's knowledge.

True this is really important for wallet at the moment and if we are talking about wallet that allow this then we c will be considering crypto wallets and not just any kind of crypto wallet but a non custodial wallet,though i'm not sure if all the non custodial wallet can do the complete offline thing because there are users who still like to check balance and make transactions frequently,i believe the only way to do that is through a watch only wallet i.e only the signing will be done on the cold storage wallet.
Thus what about the exchange users?fiat transactors and many more of financial transactions?... i will still say it will be the best idea to have a separate PC where those stuffs will be carried out only,at the same time this is a call to crypto investors storing their funds for a long period?/Holders on exchange to stop doing that and start making use of non-custodial wallet... If you arn't a business type carrying out crypto exchange transaction for time to time(almost daily) then quit using exchange otherwise take good security measures.

taufik123

legendary

Activity: 2716

Merit: 1855

Rollbit.com | #1 Solana Casino

Quote from: Pmalek on August 30, 2024, 07:54:29 AM

I am guessing that the software is capable of stealing browser passwords. People shouldn't save their passwords in browsers anyway. There have been password stealers capable of stealing this data for a decade now, in various forms. It's a good idea to have a separate computer for your crypto and/or financials and not engage with those activities on your every-day computer you use for browsing the internet.

Having a separate computer or a device that is indeed specifically for free use of the internet and a device used to log in to a personal wallet is indeed necessary, because now many devices are easy to be infected with malware or fall into phishing traps so that they will install strange applications without the user's knowledge.

Quote from: Pmalek on August 30, 2024, 07:54:29 AM

The cookie hijacking feature is a real threat. I wonder if 2FA protects against cookie hijacking?!

2FA is not enough to prevent cookie hijacking, and piracy will still be possible on browsers that have been attacked or users who have already entered the trap.

The 2FA security focuses on verifying the user's identity when logging in, while cookie hijacking will occur after the user successfully logs in.
When the attacker has successfully obtained the cookie, then the attacker can use it to access the account without having to go through the 2FA process again, as long as the cookie used is still valid.

Many browsers now use double security to avoid cookie hacking, such as "block third-party cookies" or "private browsing".

cryptoaddictchie

legendary

Activity: 2254

Merit: 1377

Fully Regulated Crypto Casino

Quote from: tabas on August 31, 2024, 06:34:36 AM

These wallet stealers are in abundance and they're everywhere. The lesson here is not to be too hyperactive with so many wallets and use those wallets that you know mostly so you won't be misled to the wrong links that we are receiving through any channels from email, instant messages, or by any means that they want us to click any link.

Yeah only used wallet that are proven to be trusted and got so many users. Any wallet suggestion without much users is still scary to use whether it has some big partnership. We can only knew if a wallet that being promoted is secure once they have a lot of downloads and some users feedback regarding its efficiency and especially its security.

Thumbs up OP for a great find.

tabas

hero member

Activity: 3024

Merit: 745

Top Crypto Casino

Thank you, OP, these wallet stealers are in abundance and they're everywhere. The lesson here is not to be too hyperactive with so many wallets and use those wallets that you know mostly so you won't be misled to the wrong links that we are receiving through any channels from email, instant messages, or by any means that they want us to click any link. Also, it might be helpful OP if you post the addresses that are involved with the Styx by adding a "code" or even not so that it will be visible to everyone not just from the image but also through text.

Davidvictorson

hero member

Activity: 1120

Merit: 887

Livecasino.io

Quote from: Porfirii on August 30, 2024, 07:12:47 AM

I don't agree with you Adbitco: the OP didn't say that you get infected by installing any specific wallet, but by clicking on links we can see while browsing

Is it even possible to browse with internet without clicking links. What I mean is that for example, if I am reading an article on coinbase and there is an interesting link with a crypto caption that catches my attention, how can i tell that that link is a carrier of the malware? Secondly if the malware gets into my mobile device which has no crypto wallet will it remain dormant and get activated if I ever install a crypto wallet or since it didn't find anything it can't remain?

Adbitco

hero member

Activity: 1428

Merit: 653

Leading Crypto Sports Betting & Casino Platform

Quote from: Porfirii on August 30, 2024, 07:12:47 AM

Quote from: Adbitco on August 30, 2024, 05:59:30 AM

Quote from: Kemarit on August 30, 2024, 05:43:24 AM

<...>

Those who may likely fall for this are people who so much attached to using different kinds of wallet and not having special wallet to used, for instance using Electrum wallet then such person has nothing to lose and again should be very careful with what they click on link, for long I barely clicked on any link be it mail or link found here to get started I don't do that because I know we can't actually predicts what would happened at the later end maybe have a remote control of your system and devices. But anyway, thanks for sharing here at least people would be more careful with the way they click and download things.

I don't agree with you Adbitco: the OP didn't say that you get infected by installing any specific wallet, but by clicking on links we can see while browsing or we may receive via email as you also said, so if you use Electrum wallet, for example, and get infected by this new Styx Stealer, your wallet.dat will be stolen like any other wallet.

Yes, using Electrum and not making any experiments by installing unknown wallets is a good security measure, but it has nothing to do with the risk Kemarit warns us about here, as far as I have come to understand.

Yes that is it but in addition had say for safety purposes, you never can tell where exactly this can get affect to one system. Becoming vigilant is much more better, of us I hardly click on links or and besides while making use of my wallet I make sure that every single active window are closed be it on my Laptop or Smartphone to avoid attack which you never know where this attack could come from, it may be from clicking links or something similar so better act smart and play safe with your funds.

Pmalek

legendary

Activity: 2730

Merit: 7065

I am guessing that the software is capable of stealing browser passwords. People shouldn't save their passwords in browsers anyway. There have been password stealers capable of stealing this data for a decade now, in various forms. It's a good idea to have a separate computer for your crypto and/or financials and not engage with those activities on your every-day computer you use for browsing the internet. The cookie hijacking feature is a real threat. I wonder if 2FA protects against cookie hijacking?!

CryptSafe

sr. member

Activity: 728

Merit: 421

Thank you for this update. I believe this information would be of good help to members and mostly newbies here. Lots of people make the mistake of downloading random wallets they see online without prior verification to know the source and many have been the victim of wallets hack they downloaded from random sites too.

Clicking of random link is amongst many hacks on wallets which people can not really tell how it happened but they forget that they had clicked links online which they granted permission to access things on their gadgets. It is better to avoid clicking of ads and downloading files and documents they have no idea the source just because they saw something enticing and catchy.

As for the wallet, I have not really used any other wallet except electrum and trustwallet which so far have provided me with the services of storing my assets for my safety. Although there are other good recommendations out there but for me, I stick to the wallet I can handle and conversant with so I don't get things mixed up. I must say your findings are very accurate and timely.

Porfirii

legendary

Activity: 1932

Merit: 2354

The Alliance Of Bitcointalk Translators - ENG>SPA

Quote from: Adbitco on August 30, 2024, 05:59:30 AM

Quote from: Kemarit on August 30, 2024, 05:43:24 AM

<...>

Those who may likely fall for this are people who so much attached to using different kinds of wallet and not having special wallet to used, for instance using Electrum wallet then such person has nothing to lose and again should be very careful with what they click on link, for long I barely clicked on any link be it mail or link found here to get started I don't do that because I know we can't actually predicts what would happened at the later end maybe have a remote control of your system and devices. But anyway, thanks for sharing here at least people would be more careful with the way they click and download things.

I don't agree with you Adbitco: the OP didn't say that you get infected by installing any specific wallet, but by clicking on links we can see while browsing or we may receive via email as you also said, so if you use Electrum wallet, for example, and get infected by this new Styx Stealer, your wallet.dat will be stolen like any other wallet.

Yes, using Electrum and not making any experiments by installing unknown wallets is a good security measure, but it has nothing to do with the risk Kemarit warns us about here, as far as I have come to understand.

Topic: Warning: Styx - another crypto wallet stealer (Read 281 times)