New Infostealer Malware, ‘FleshStealer’, targets Chrome and Mozilla Users

A new and sophisticated infostealer, named FleshStealer, has emerged, targeting users of Chrome and Mozilla browsers. This malware, uncovered by Flashpoint analysts, is designed to steal sensitive data, including credentials, cryptocurrency wallet information, and two-factor authentication (2FA) codes.

FleshStealer was first detected in September 2024 by cybersecurity researchers. It is written in C# and operates through a web-based control panel. The malware is lightweight, at only 150-300 kilobytes, and employs advanced evasion techniques, such as encryption and virtualization detection, to avoid being caught by security measures. It targets over 70 browser extensions and leverages stolen browser cookies to reset Google sessions. The malware’s creators have even provided 24/7 technical support to its operators, indicating a highly organized operation.

This infostealer uses several advanced tactics to achieve its goal, namely Privilege Escalation (T1547), Defense Evasion (T1027 and T1497), Process Discovery (T1057), and Data Collection and Exfiltration (T1560 and T1567).

Cybersecurity experts are urging users to take immediate action by updating browser extensions, using strong and unique passwords, enabling two-factor authentication, and regularly monitoring accounts for suspicious activity. Authorities are also working to identify and dismantle the infrastructure supporting FleshStealer, aiming to reduce its impact and prevent further infections.
