Newly identified information-stealing malware Myth Stealer has been spread through fake gaming websites, reports The Hacker News.
Execution of the loader triggers a hoax setup window while the stealer component is being decrypted and deployed, according to findings from Trellix researchers. All running browser processes are then terminated by the Rust-based Myth Stealer before proceeding with the exfiltration of saved passwords, cookies, and autofill data to either a remote server or a Discord webhook. "The malware authors regularly update stealer code to evade AV detection and introduce additional functionality such as screen capture capability and clipboard hijacking," said researchers. Such a development comes after backdoored game cheats and pirated software installers were reported by Palo Alto Networks Unit 42 researchers to have been leveraged to spread the Blitz malware on Windows systems, most of which are in Russia. Another CYFIRMA report detailed Windows systems compromise via the new DuplexSpy RAT.
