Check Point detects Styx Stealer cryptocurrency theft malware
The program is capable of intercepting cryptocurrencies when they are sent to other addresses
19.08.2024 - 08:20
What’s new? Cybersecurity solutions provider Check Point has discovered malware called Styx Stealer, designed to steal data and cryptocurrencies using a clipping mechanism. Styx Stealer is freely available on the developer's website. Windows users running the latest version of the OS are protected from the attack, because the program exploits a vulnerability in Microsoft's Windows Defender antivirus that was patched last year.
What else is known? Styx Stealer is based on the older Phemedrone Stealer malware and shares a number of its features, such as stealing saved passwords, autofill cookies and cryptocurrency wallet data, but it also includes new evasion techniques and a crypto clipper feature.
Crypto clipping is the replacement of the recipient's cryptocurrency wallet address with the attacker's address during a transaction.
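A defender-side view of the clipping described above, as an added example that is not from Check Point's research or the original article: a wallet or payment form can compare the address captured at copy time with the one about to be used, and flag a same-format replacement. The patterns are approximate format checks, and the function names and sample addresses are constructed for illustration.

```python
import re

# Approximate, format-only patterns (no checksum validation) for the coins
# the article lists as payment options, plus Ethereum-style (EVM) addresses.
# These are assumptions for illustration, not taken from the article.
BASE58 = "1-9A-HJ-NP-Za-km-z"
ADDRESS_PATTERNS = {
    "bitcoin": re.compile(rf"^(bc1[ac-hj-np-z02-9]{{11,71}}|[13][{BASE58}]{{25,34}})$"),
    "litecoin": re.compile(rf"^(ltc1[ac-hj-np-z02-9]{{11,71}}|[LM][{BASE58}]{{26,33}})$"),
    "tron": re.compile(rf"^T[{BASE58}]{{33}}$"),
    "monero": re.compile(rf"^[48][{BASE58}]{{94}}$"),
    "evm": re.compile(r"^0x[0-9a-fA-F]{40}$"),
}


def address_family(text):
    """Return the coin family whose address format the text matches, or None."""
    value = text.strip()
    for family, pattern in ADDRESS_PATTERNS.items():
        if pattern.match(value):
            return family
    return None


def check_paste(copied, pasted):
    """Compare the address captured at copy time with the one about to be used.

    Returns "match", "substituted" (a different address of the same format,
    which is what a clipper produces) or "changed" (any other difference).
    """
    a, b = copied.strip(), pasted.strip()
    fam_a, fam_b = address_family(a), address_family(b)
    # Hex addresses are case-insensitive; base58 addresses are not.
    same = a.lower() == b.lower() if fam_a == "evm" else a == b
    if same:
        return "match"
    if fam_a is not None and fam_a == fam_b:
        return "substituted"
    return "changed"


if __name__ == "__main__":
    # Constructed sample values: correctly shaped, but not real addresses.
    intended = "0x" + "ab" * 20
    swapped = "0x" + "cd" * 20
    print(check_paste(intended, intended.upper().replace("0X", "0x")))  # match
    print(check_paste(intended, swapped))  # substituted
```

A "substituted" result should block the transfer and prompt the user to re-verify the destination through a channel other than the clipboard.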
Styx Stealer, which was launched in April, is available at $75/month or $350 for a lifetime license. Pricing and features were available on the developer's website until August 16, when they were replaced with information about another product. Purchases could be made via Telegram messenger using bitcoin, LTC, TRX, XMR, or the USDT stablecoin. Previously, tutorials for the program were also available on YouTube.
Check Point Research identified eight wallets allegedly belonging to a Turkey-based Styx Stealer developer, known by the nickname Sty1x, who received about $9500 in subscription payments for the program in its first two months of operation. They were also able to uncover the developer's Telegram accounts, email addresses, phone numbers and contacts.
Researchers said Sty1x is in contact with other cybercriminals, including a hacker under the nickname Fucosreal who created a RAT trojan called Agent Tesla to extract data, spread via a Telegram bot.
Earlier, a group of researchers discovered a new method for hacking hardware cryptocurrency wallets in which a hacker can reconstruct a user's seed phrase from one-time transaction codes.