A crypto stealer seems to have spread through a massive spam campaign across several countries, including the United States, Australia, Japan, and Germany. The malware, dubbed “Panda Stealer,” has been spotted by a cybersecurity company. It is reportedly also distributed on Discord channels.
Malware Can Also Steal Data From Telegram and Discord Apps
According to the report published by Trend Micro, the stealer is a variant of another malware named “Collector Stealer,” which utilizes the same algorithms to bypass most detection tools. The malware is contained within a malicious Excel file in a .xlsm format.
Once the victim executes a series of PowerShell scripts in the infected document, Panda Stealer deploys its malicious processes. It collects sensitive crypto-related data, including private keys and records of past transactions performed with wallets from virtual currencies like dash (DASH), litecoin (LTC), and ethereum (ETH).
Researchers from Trend Micro provided further technical details on the malware’s similarities with other ones:
But the stealer is not limited to catching digital asset-related data from victims. In fact, the study revealed that it has the technical capabilities to steal credentials from Telegram, NordVPN, and Discord, among others.
Moreover, Panda Stealer can take screenshots from the users’ computers and catch encrypted data in browsers, such as credit card information.
Recent Crypto Malware Stealers Spotted
Bitcoin.com News has reported the surge of crypto-malware over the past few months. Recently, a cryptocurrency-related malware program named “Westeal” has been advertised on darknet forums as the “leading way to make money in 2021,” raising alarms among the cybersecurity community.
The system has the resources to steal bitcoin (BTC) and ethereum, but the malicious code works under a subscription model.