Epsilon Stealer

Epsilon Stealer is a data stealer malware that extracts sensitive information from infected systems. It targets data in browsers, gaming apps and cryptocurrency wallets. Epsilon has been seen in campaigns targeting gamers, often distributed through compromised mods or fake download sites.

Key Insights

Epsilon Stealer gets in through malicious links on Discord or fake game download sites. Once you download and run the malicious file, the malware installs and starts extracting data.

Data Extraction

After installation, Epsilon Stealer scans the system for valuable data. It targets browser-stored credentials, session cookies, gaming data, and cryptocurrency wallet info. The malware can extract data from popular browsers and apps so it’s a big threat to your privacy and financial security.

Exfiltration

After collecting the data, Epsilon Stealer exfiltrates the data to the attacker’s server. This is done through webhooks or other network communication so the attacker can get the stolen data remotely without alerting the victim.

Known Variants

Epsilon Stealer has been seen in various campaigns, sometimes under different names. The core functionality is the same, data theft, but some samples may have slight modifications to evade detection or target specific apps.

Mitigation Strategies

Don’t download software or mods from unverified sources.
Update all apps and OS to patch vulnerabilities.
Use reputable antivirus and anti-malware to detect and prevent.
Be cautious of unsolicited messages or links, especially on Discord.

Targeted Industries or Sectors

The main targets of Epsilon Stealer are individual gamers. By targeting gamers, the malware is preying on a demographic that downloads mods, cheats or other game related files which can be an infection vector.