Experts at Cyfirma released a report on the malware Mint Stealer, which takes advantage of the “Malware-as-a-Service” (MaaS) concept.
This malware uses advanced methods to bypass security controls and focuses on collecting sensitive information. Mint Stealer targets a wide variety of data, including data from web browsers, cryptocurrency wallets, gaming credentials, VPN clients, chat programs, and file transfer protocol (FTP) clients. The malware employs obfuscation and encryption to hide its actions. Mint Stealer is available for purchase on specialist websites, and Telegram is used for customer service. The malware container serves as a “dropper” that delivers the main malicious code in a compressed format.
Mint Stealer operates in phases. The malware generates temporary files on the user’s computer and extracts the payload from its resource section. After that, it runs the files that have been loaded and prepares to gather data. In the last step, it gathers information from games, VPNs, FTP clients, messengers, wallets, and browsers.
Browsers (Opera, Firefox, Edge), cryptocurrency wallets (Exodus, Electrum), gaming accounts (Battle.net, Minecraft), VPN clients (Proton VPN), and messaging services (Skype, Telegram) are just a few of the apps from which Mint Stealer gathers data. In addition, it collects system data and monitors the clipboard.
After gathering data, the malware generates an archive and uploads it to free file-sharing websites. The URL of the uploaded file is then sent to the malware’s command server. Notably, an unprotected connection is used for the data transfer to the server.
Because Mint Stealer can take a wide range of data while remaining undetected, it presents a serious threat to cybersecurity. The malware is updated to evade antivirus software and is actively marketed on specialized websites.
To defend against Mint Stealer, the following precautions are advised: avoid opening files from unreliable sources, use trustworthy antivirus software, update all software on a regular basis, and watch out for social engineering scams. Taking these precautions reduces the danger of infection and protects sensitive data from theft.
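The exfiltration sequence described above (an archive uploaded to a free file-sharing site, then the resulting URL reported to the command server over an unprotected connection) leaves a pattern that can be hunted for in web proxy logs. The following is an added detection sketch, not code from the Cyfirma report or from this article; the log format, the host names and the five-minute window are constructed assumptions, and "unprotected" is taken to mean plain HTTP whose request body the proxy can see.

```python
from datetime import datetime, timedelta
from urllib.parse import urlsplit

# Assumption: placeholder watchlist; replace with the file-sharing hosts you track.
FILE_SHARE_HOSTS = {"share.example", "upload.example"}
WINDOW = timedelta(minutes=5)  # assumed gap between upload and report

# Constructed log: time, client, method, URL, request bytes, cleartext body ("-" if none)
SAMPLE_LOG = """\
2024-08-01T10:00:05 10.0.0.7 POST https://share.example/api/upload 4812231 -
2024-08-01T10:00:09 10.0.0.7 POST http://c2.example/gate 96 link=https://share.example/d/abc123
2024-08-01T10:02:00 10.0.0.9 POST https://share.example/api/upload 20480 -
2024-08-01T10:30:00 10.0.0.9 POST http://intranet.example/form 64 name=test
2024-08-01T11:00:00 10.0.0.5 GET http://news.example/index.html 0 -
"""

def parse(line):
    ts, client, method, url, size, body = line.split(" ", 5)
    return {"ts": datetime.fromisoformat(ts), "client": client, "method": method,
            "url": urlsplit(url), "size": int(size), "body": body}

def find_exfil_reports(log_text, window=WINDOW):
    """Return (client, share_host, report_host) for each upload to a watched
    file-sharing host that is followed, within `window`, by a cleartext HTTP
    request from the same client that mentions that file-sharing host."""
    uploads = {}  # client -> [(time, share host)]
    hits = []
    for rec in map(parse, log_text.strip().splitlines()):  # log assumed time-ordered
        host = rec["url"].hostname
        if host in FILE_SHARE_HOSTS:
            if rec["method"] in ("POST", "PUT"):
                uploads.setdefault(rec["client"], []).append((rec["ts"], host))
            continue
        if rec["url"].scheme != "http":
            continue  # only unencrypted requests expose their content to the proxy
        visible = rec["body"] + " " + rec["url"].query
        for up_ts, up_host in uploads.get(rec["client"], []):
            if timedelta(0) <= rec["ts"] - up_ts <= window and up_host in visible:
                hits.append((rec["client"], up_host, host))
                break
    return hits

if __name__ == "__main__":
    for client, share, dest in find_exfil_reports(SAMPLE_LOG):
        print(f"{client}: upload to {share}, link then sent in cleartext to {dest}")
```

On the constructed sample only 10.0.0.7 is flagged; 10.0.0.9 also uploads to a watched host, but its later HTTP request falls outside the window and does not reference the upload.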
About us:
CIO News is the premier platform dedicated to delivering the latest news, updates, and insights from the CIO industry. As a trusted source in the technology and IT sector, we provide a comprehensive resource for executives and professionals seeking to stay informed and ahead of the curve. With a focus on cutting-edge developments and trends, CIO News serves as your go-to destination for staying abreast of the rapidly evolving landscape of technology and IT. Founded in June 2020, CIO News has rapidly evolved with ambitious growth plans to expand globally, targeting markets in the Middle East & Africa, ASEAN, USA, and the UK.
CIO News is a proprietary of Mercadeo Multiventures Pvt Ltd.