Styx Stealer malware exploits Windows vulnerability to ‘clip’ crypto
New malware called Styx Stealer has been uncovered by cybersecurity solutions provider Check Point Research. The newly discovered malware can steal a vast array of material, including cryptocurrency, through a mechanism known as clipping. It is freely available on a rental basis on the developer’s website.
Windows users with an up-to-date operating system are safe from the malware, since Styx Stealer depends on a vulnerability in Microsoft Windows Defender that was patched last year.
Malware upgraded to steal crypto
Styx Stealer was discovered because the developer experienced a data leak during debugging. It is derived from an older malware called Phemedrone Stealer. It maintains the functions of Phemedrone Stealer, such as stealing saved passwords, cookies, auto-fill data, cryptocurrency wallet data and instant messenger sessions, while incorporating new detection evasion techniques and adding a crypto clipper function.
Cryptocurrency clipping occurs when malware substitutes a crypto recipient’s wallet address with the bad actor’s wallet during a transaction.
Styx Stealer crypto clipper user interface. Source: Check Point ResearchRelated: Fake Zoom malware steals crypto while it’s ‘stuck’ loading, user warns
Styx Stealer was launched in April and can be licensed for $75 per month or $350 for a lifetime license. The pricing and features were displayed on the website styxcrypter.com until midday on Aug. 16, when they were replaced with information about another product. Purchases could be made via Telegram using Bitcoin ( BTC ), Litecoin ( LTC ), Tron ( TRX ), Tether ( USDT ), or Monero ( XMR ). Explanatory videos were also available on YouTube at one time.
Styx Stealer prices and features. Source: Check Point ResearchHacking is paying well in 2024
Point Research identified eight wallets presumably belonging to the Turkey-based Styx Stealer developer that had received around $9,500 in crypto as payment for the malware in the first two months of its operation.
Source: Check Point ResearchCheck Point Research also obtained the developer’s Telegram accounts, email addresses, phone numbers and contacts.
According to a report released by Chainalysis on Aug. 15, legitimate cryptocurrency activity is growing faster than illicit activity, although the value of the crypto hacked has increased. That is at least in part due to the price recovery of Bitcoin. The number of hacking incidents in 2024 has increased only marginally year-on-year.
Magazine: Pink Drainer creator defends his wallet draining crypto scam kit
Disclaimer: The content of this article solely reflects the author's opinion and does not represent the platform in any capacity. This article is not intended to serve as a reference for making investment decisions.
You may also like
XEX will launch VELODROME/USDT perpetual contract at 20:00 on December 27
A whale spent $1.42 million to buy 100,000 UNI in a single transaction 15 minutes ago
AVAX breaks above $38