Easy Stealer


Easy Stealer is an information stealer written in Go that has been sold on underground forums since July 2023. It targets cryptocurrency wallets and credentials stored in browsers, putting personal and financial information at risk.

Key Insights


Easy Stealer appeared on the Russian-language underground forum XSS.is in July 2023, advertised as a cheap and user-friendly tool. It ships with a custom file grabber and a dynamic loader, and its control panel is hosted on the buyer's own infrastructure rather than on a shared panel run by the seller.

Technical Details

The malware extracts data from Chromium-based browsers: saved passwords, cookies, autofill history, and stored credit card details. It also targets more than 50 cryptocurrency wallets. The payload runs in memory and is offered in both PE (EXE) and DLL form, giving the operator flexibility in how it is delivered. Because it is written in Go, it can be compiled for multiple platforms and ships as a single statically linked binary.
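The stores listed above are ordinary files on disk, so one of the more reliable ways to catch a stealer of this kind is to watch for processes that are not a browser or a wallet touching them. The following is an added detection example written for this page; it is not code from Easy Stealer or from the original article. It scans constructed file-access events in a Sysmon-like JSON shape (real read telemetry would come from object-access auditing or an EDR) and flags non-browser processes opening Chromium profile stores (`Login Data`, `Cookies`, `Web Data`, `History`, and `Local State`, which holds the DPAPI-wrapped key used to encrypt the others) or well-known wallet directories. The browser and wallet process allowlists and the wallet directory names are assumptions to be tuned per estate.

```python
"""Added example: flag non-browser / non-wallet processes reading the files an
infostealer such as Easy Stealer collects. Event format and sample lines are
constructed for this example and are not from the original page."""
import json
import ntpath
import re
from typing import Dict, Iterable, List, Optional

# Files inside a Chromium profile ("User Data" tree) that hold credentials,
# cookies, autofill data and the DPAPI-wrapped key that encrypts them.
CHROMIUM_STORES = {"login data", "cookies", "web data", "history", "local state"}

# Processes expected to open those stores (assumption: tune per environment).
BROWSER_IMAGES = {"chrome.exe", "msedge.exe", "brave.exe", "opera.exe", "vivaldi.exe"}

# Directory names of a few common desktop wallets (assumption: representative set).
WALLET_DIRS = {"electrum", "exodus", "ethereum", "bitcoin", "atomic", "monero"}

# Processes expected to open wallet files (assumption: tune per environment).
WALLET_IMAGES = {"electrum.exe", "exodus.exe"}


def classify(event: Dict[str, str]) -> Optional[str]:
    """Return an alert category for one file-access event, or None if benign."""
    image = ntpath.basename(event.get("Image", "")).lower()
    target = event.get("TargetFilename", "")
    parts = [p.lower() for p in re.split(r"[\\/]+", target) if p]
    if not parts:
        return None
    name, dirs = parts[-1], set(parts[:-1])

    # Profile stores only matter under a "User Data" tree; a stray file named
    # "cookies" in Documents is not a Chromium credential store.
    if name in CHROMIUM_STORES and "user data" in dirs:
        return None if image in BROWSER_IMAGES else "chromium_credential_store"

    # Any path that passes through a wallet directory is sensitive.
    if dirs & WALLET_DIRS:
        return None if image in WALLET_IMAGES else "crypto_wallet"

    return None


def scan(lines: Iterable[str]) -> List[Dict[str, str]]:
    """Run classify() over newline-delimited JSON events and collect alerts."""
    alerts = []
    for line in lines:
        line = line.strip()
        if not line:
            continue
        event = json.loads(line)
        category = classify(event)
        if category:
            alerts.append({
                "category": category,
                "image": event.get("Image", ""),
                "target": event.get("TargetFilename", ""),
            })
    return alerts


# Constructed sample log: one benign browser read, three suspicious reads by a
# dropped binary in Temp, and one harmless read of a file that merely shares a name.
SAMPLE_LOG = "\n".join(json.dumps(e) for e in [
    {"Image": r"C:\Program Files\Google\Chrome\Application\chrome.exe",
     "TargetFilename": r"C:\Users\alice\AppData\Local\Google\Chrome\User Data\Default\Login Data"},
    {"Image": r"C:\Users\alice\AppData\Local\Temp\update.exe",
     "TargetFilename": r"C:\Users\alice\AppData\Local\Google\Chrome\User Data\Default\Login Data"},
    {"Image": r"C:\Users\alice\AppData\Local\Temp\update.exe",
     "TargetFilename": r"C:\Users\alice\AppData\Local\Google\Chrome\User Data\Local State"},
    {"Image": r"C:\Users\alice\AppData\Local\Temp\update.exe",
     "TargetFilename": r"C:\Users\alice\AppData\Roaming\Exodus\exodus.wallet\seed.seco"},
    {"Image": r"C:\Windows\explorer.exe",
     "TargetFilename": r"C:\Users\alice\Documents\cookies"},
])


if __name__ == "__main__":
    for alert in scan(SAMPLE_LOG.splitlines()):
        print(f"{alert['category']}: {alert['image']} -> {alert['target']}")
```

Running the block prints three alerts, all for `update.exe`: two reads of Chromium stores and one of the Exodus wallet directory. The `Local State` read is worth alerting on its own, because a stealer running as the logged-in user can call DPAPI to unwrap the key stored there and decrypt everything else in the profile; a rule that only watches `Login Data` misses that step.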

Impact

With its ease of use, low price, and active development, Easy Stealer is likely to be adopted by many cybercriminals. Its dynamic loader lets the operator add new capabilities after deployment, which makes it a threat to both individuals and organizations.

Known Variants


No variants of Easy Stealer have been identified yet. Since it is under active development, new versions with additional features are expected.

Mitigation Strategies


  • Keep operating systems and applications up to date.

  • Use reputable antivirus and anti-malware software.

  • Do not download or run software from untrusted sources.

  • Enable two-factor authentication (2FA) so that a stolen password alone is not enough to log in. Note that stolen session cookies can be replayed to bypass 2FA, so after a suspected infection revoke active sessions and rotate saved credentials, not just passwords.

Targeted Industries or Sectors


Easy Stealer does not target any specific industry or sector. Anyone who uses a Chromium-based browser or a cryptocurrency wallet is a potential victim, so it is a broad threat.

Associated Threat Actors


No specific threat actors have been linked to Easy Stealer. Because it is sold openly on underground forums, it is available to a wide range of cybercriminals.
