Since April 2023, a newly discovered malware called 'Mystic Stealer' has been making waves in the cybercrime community. This information-stealing malware has gained significant attention on hacking forums and darknet markets, garnering widespread interest and usage.

Available for a monthly rental fee of $150, Mystic Stealer is designed to target various web browsers, browser extensions, cryptocurrency applications, MFA and password management applications, cryptocurrency browser extensions, as well as credentials for platforms like Steam and Telegram. Its capabilities are extensive, allowing it to infiltrate and extract sensitive data from a wide range of sources.

The emergence of Mystic Stealer has prompted simultaneous reports from prominent cybersecurity firms. In a joint report by InQuest and Zscaler, experts express concern about the sophistication of this malware and the alarming increase in its sales. It is evident that numerous new campaigns exploiting Mystic Stealer are being launched, signaling a growing threat to individuals and organizations alike.

InQuest Email Attack Simulation

This month we harvested 215 samples from the wild capable of bypassing either Microsoft or Google. Of those, Microsoft missed 70 (43%), and Google missed 190 (88%). The distribution of misses by file type is depicted below:

Recently, we've incorporated sample sources from over 50 leading industry blogs. If any of these samples are able to reach your inbox (42 samples in June), then the source blog will be referenced in your daily EAS report.

Want to validate the efficacy of your email security stack? InQuire here for a one-month free email attack simulation.
InQuest Latest Blog Posts

An Executive Guide To Email Hygiene: Secure Communication And Boost Business Value

Posted on 2023-06-23 by Michael Arcamone

In today's digital world, email remains a crucial channel for businesses to communicate with clients, partners and employees. At the same time, cybercriminals realize this and place significant focus on exploiting this channel to conduct attack campaigns against businesses of all types and sizes.

Read more

Mystic Stealer: The New Kid on the Block

Posted on 2023-06-15 by Darren Spruell and Chase Sims

Together, InQuest and Zscaler ThreatLabz have analyzed a new malware family, Mystic Stealer. The information-stealing malware extracts data from various sources, including web browsers and cryptocurrency wallets, and relies on obfuscation techniques and an encrypted binary protocol for its command-and-control communication. The malware collects a wide range of information, such as system details, browsing history, auto-fill data, and credentials from multiple web browsers and extensions. The impact and future trajectory of Mystic Stealer are yet to be determined, but its capabilities and sophistication pose a significant threat.

Read more

InQuest Labs Research Spotlight

CVExploits

Your comprehensive database for CVE exploits from across the internet.

Read more

PackMyPayload

This tool takes a file or directory on input and embeds them into an output file acting as an archive/container.

Read more

Ransomchats

Here you'll find ransomware negotiations normalised as JSON files. Ransomware negotiations are usually not shared widely, limiting the understanding of the process.

Read more

Global Security Events

OnlyDcRatFans: Malware Distributed Using Explicit Lures of OnlyFans Pages and Other Adult Content

In May 2023, eSentire identified DcRAT, a clone of AsyncRAT, at a consumer services customer. DcRAT is a remote access tool with info-stealing and ransomware capabilities. The malware is actively distributed using explicit lures for OnlyFans pages and other adult content.

Read more

".Zip" top-level domains draw potential for information leaks

As a result of Google’s announced sale of new TLDs that are also popular file extension formats, there is an increased risk with the deployment of the “.zip” domain that threat actors will develop new vectors for compromising victims. In early May 2023, Google released eight new TLDs, marketing the “.zip” domain as a way of letting an audience know that a domain’s owner is “fast, efficient, and ready to move.”

Read more

New Fast-Developing ThirdEye Infostealer Pries Open System Information

FortiGuard Labs recently came across files that look suspicious, even during a cursory review. Their subsequent investigation confirmed that the files are malicious and revealed there is more to them than meets the eye: they are a previously unseen infostealer that they have named "ThirdEye".

Read more

InQuest Insider - Your monthly resource for the latest in cyber security news, trends, tips, and tools. Subscribe here.

Copyright © InQuest 2023