Epsilon Stealer is data-stealing malware that extracts sensitive information from infected systems. It targets data in browsers, gaming apps and cryptocurrency wallets. Epsilon has been seen in campaigns targeting gamers, often distributed through compromised mods or fake download sites.
Epsilon Stealer arrives through malicious links on Discord or fake game download sites. Once the victim downloads and runs the malicious file, the malware installs itself and starts extracting data.
Data Extraction
After installation, Epsilon Stealer scans the system for valuable data. It targets browser-stored credentials, session cookies, gaming data, and cryptocurrency wallet info. The malware can extract data from popular browsers and apps, which makes it a serious threat to privacy and financial security.
Exfiltration
After collecting the data, Epsilon Stealer exfiltrates it to the attacker’s server. This is done through webhooks or other network communication, so the attacker can retrieve the stolen data remotely without alerting the victim.
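A detection sketch for the collect-then-exfiltrate sequence described above, added here as an example and not taken from the original page or from any vendor rule. It assumes process telemetry with the hypothetical fields `ts`, `host`, `pid`, `image`, `type` and `target`, Chromium-style store file names, and a Discord-style webhook URL path; the sample events are constructed.

```python
import re
from collections import defaultdict

# Assumptions (not from the page): credential-store file names, the webhook
# URL path, the browser allowlist and the event schema are illustrative.
CRED_STORE = re.compile(r"\\(Login Data|Cookies|Web Data|wallet\.dat)$", re.I)
WEBHOOK_URL = re.compile(r"^https://[^/]+/api/webhooks/", re.I)
BROWSERS = {"chrome.exe", "msedge.exe", "brave.exe", "firefox.exe"}  # name only; verify signer in production

def find_stealer_candidates(events, window=120):
    """Return non-browser processes that read at least two credential stores
    and then sent an HTTP POST to a webhook URL within `window` seconds.
    Browsers touching their own stores are ignored."""
    reads = defaultdict(list)  # (host, pid) -> [(ts, path)]
    hits = []
    for ev in sorted(events, key=lambda e: e["ts"]):
        key = (ev["host"], ev["pid"])
        if ev["image"].lower() in BROWSERS:
            continue
        if ev["type"] == "file_read" and CRED_STORE.search(ev["target"]):
            reads[key].append((ev["ts"], ev["target"]))
        elif ev["type"] == "http_post" and WEBHOOK_URL.match(ev["target"]):
            recent = {p for ts, p in reads[key] if ev["ts"] - ts <= window}
            if len(recent) >= 2:  # one store alone is common for backup tools
                hits.append({"host": ev["host"], "pid": ev["pid"],
                             "image": ev["image"], "stores": sorted(recent),
                             "url_host": ev["target"].split("/")[2]})
    return hits

# Constructed sample telemetry (not real data).
P = r"C:\Users\u\AppData\Local\Google\Chrome\User Data\Default"
HOOK = "https://webhook.example/api/webhooks/0/EXAMPLE"
def _ev(ts, pid, image, typ, target):
    return {"ts": ts, "host": "PC1", "pid": pid, "image": image, "type": typ, "target": target}
SAMPLE_EVENTS = [
    _ev(100, 4120, "GameModSetup.exe", "file_read", P + r"\Login Data"),
    _ev(103, 4120, "GameModSetup.exe", "file_read", P + r"\Network\Cookies"),
    _ev(110, 4120, "GameModSetup.exe", "http_post", HOOK),
    _ev(200, 900, "chrome.exe", "file_read", P + r"\Login Data"),
    _ev(201, 900, "chrome.exe", "file_read", P + r"\Network\Cookies"),
    _ev(205, 900, "chrome.exe", "http_post", HOOK),
    _ev(300, 5000, "backup.exe", "file_read", P + r"\Login Data"),
    _ev(305, 5000, "backup.exe", "http_post", HOOK),
]

if __name__ == "__main__":
    print(find_stealer_candidates(SAMPLE_EVENTS))
```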
Epsilon Stealer has been seen in various campaigns, sometimes under different names. The core functionality, data theft, is the same, but some samples may have slight modifications to evade detection or target specific apps.
Don’t download software or mods from unverified sources.
Update all apps and the OS to patch vulnerabilities.
Use reputable antivirus and anti-malware software to detect and prevent infections.
Be cautious of unsolicited messages or links, especially on Discord.
The main targets of Epsilon Stealer are individual gamers. By targeting gamers, the malware preys on a demographic that downloads mods, cheats or other game-related files, which can be an infection vector.
BelialDemon is the threat actor behind the malware. As malware-as-a-service (MaaS), it is used by multiple threat actors beyond the original developer.

