Cybersecurity researchers at Uptycs have uncovered a new Windows infostealer called Meduza Stealer, designed to pilfer highly sensitive information while employing sophisticated methods to avoid detection by security software. The malware focuses on comprehensive data theft, extracting a wide range of browser-related data, as well as targeting crypto wallet extensions, password managers, and 2FA extensions. Meduza Stealer terminates itself when run in specific countries, and also if it fails to establish a connection with the threat actor’s server. The malware is available for purchase on dark web forums and encrypted messaging apps, reflecting the growing trend of malicious tools offered as services in the cybercriminal underground.
Security researchers at Uptycs have recently discovered a new Windows infostealer named Meduza Stealer, which presents a significant threat to users’ sensitive information due to its sophisticated evasion techniques. Designed specifically for comprehensive data theft, Meduza Stealer meticulously collects a wide range of browser-related data, including users’ browsing activities, exposing their private information to potential misuse.
Notably, Meduza Stealer also poses a risk to crypto wallet extensions, password managers, and 2FA extensions, heightening concerns for individuals and organizations relying on these security measures. The malware’s ability to evade detection is particularly concerning, as it terminates itself if it fails to establish a connection with the threat actor’s server, effectively concealing its presence.