This new Rust-based malware is available for free on hacker forums
The source code is free to use, and people are already using it
If you ever wanted your very own infostealer, you can now compile one in just a few minutes, for free, courtesy of unknown threat actors.
Researchers from Cyble found an anonymous poster has shared the source code for a new strain of malware on a hacking forum. Even though it’s still fresh, the source code has already been used in the wild, the researchers further claim, adding that the infostealer has a relatively low detection rate on VirusTotal (22%).
The malware, dubbed Luca Stealer, is written in Rust, a popular programming language that allows for the creation of cross-platform apps (although it only appears to target Windows users for now).
Profiling the targets
Luca Stealer comes with a standard arsenal - stealing passwords and other data stored in Chromium-powered browsers (Chrome, Edge, Brave, etc.), which includes payment data, login credentials, and cookies.
It also steals information regarding cold and hot cryptocurrency wallets, Steam accounts, and Discord tokens, as well as data found in password management browser add-ons. Furthermore, it grabs screenshots in .png format, and runs a “whoami” command to learn more about the compromised endpoint. Perhaps surprisingly, it doesn’t hijack the clipboard, which means it doesn’t monitor cryptocurrency transactions.
Whatever data it manages to acquire, it sends to its operators in a .ZIP archive, either via Discord, or Telegram, depending on the size of the bounty.
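A defender's view of the behaviours listed above, as an added example that is not from the article or from Cyble's report: it flags a non-browser process that reads a Chromium profile store and also runs whoami, writes a .zip or .png, or connects to Discord or Telegram. The event tuple layout, the store file names, the hostnames and the 120-second window are assumptions, and the telemetry is constructed.

```python
import ntpath
from collections import defaultdict

BROWSERS = {"chrome.exe", "msedge.exe", "brave.exe"}  # name match only; check the signer in production
STORES = {"login data", "cookies", "web data"}        # Chromium login, cookie and payment databases
UPLOAD_HOSTS = ("discord.com", "api.telegram.org")    # assumed upload endpoints, not taken from the article
WINDOW = 120                                          # assumed correlation window, in seconds

# Constructed telemetry: (seconds, pid, image, event kind, target)
MAL = r"C:\Users\a\Downloads\setup.exe"
CHROME = r"C:\Program Files\Google\Chrome\Application\chrome.exe"
PROFILE = r"C:\Users\a\AppData\Local\Google\Chrome\User Data\Default"
EVENTS = [
    (10, 4120, MAL, "file_read", PROFILE + r"\Login Data"),
    (12, 4120, MAL, "proc_create", "whoami"),
    (15, 4120, MAL, "file_write", r"C:\Users\a\AppData\Local\Temp\out.zip"),
    (18, 4120, MAL, "net_connect", "api.telegram.org"),
    (20, 900, CHROME, "file_read", PROFILE + r"\Cookies"),
    (21, 900, CHROME, "net_connect", "discord.com"),
    (30, 77, r"C:\Windows\System32\cmd.exe", "proc_create", "whoami /all"),
]

def classify(image, kind, target):
    """Map one event to a behaviour the article describes, or None."""
    t = target.lower()
    if kind == "file_read" and "\\user data\\" in t and ntpath.basename(t) in STORES:
        return None if ntpath.basename(image).lower() in BROWSERS else "browser_store_read"
    if kind == "proc_create" and ntpath.basename((t.split() or [""])[0]) in ("whoami", "whoami.exe"):
        return "whoami"
    if kind == "file_write" and t.endswith((".zip", ".png")):
        return "archive" if t.endswith(".zip") else "screenshot"
    if kind == "net_connect" and any(t == h or t.endswith("." + h) for h in UPLOAD_HOSTS):
        return "chat_upload"
    return None

def detect(events, need=3):
    """Processes that read a browser store and show >= need behaviours within WINDOW."""
    seen = defaultdict(dict)  # (pid, image) -> {label: first timestamp}
    for ts, pid, image, kind, target in sorted(events):
        label = classify(image, kind, target)
        if label:
            seen[(pid, image)].setdefault(label, ts)
    alerts = {}
    for proc, hits in seen.items():
        start = hits.get("browser_store_read")
        if start is not None:
            near = sorted(l for l, ts in hits.items() if abs(ts - start) <= WINDOW)
            if len(near) >= need:
                alerts[proc] = near
    return alerts
```

Each signal alone is common on a healthy endpoint (the browser reads its own profile, administrators run whoami), so the alert requires the store read plus at least two other behaviours from the same process.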
So far, at least 25 different versions of Luca Stealer were found operational in the wild, meaning some hackers took the offer. Whether or not it grows into a massive issue remains to be seen.
Rust is growing more popular among cybercriminals. Recently, Hive, one of the most destructive ransomware-as-a-service tools, fully migrated from GoLang to the new programming language. Among other things, Rust offers deep control over low-level resources, has a user-friendly syntax, has several mechanisms for concurrency and parallelism, a good variety of cryptographic libraries, and is relatively more difficult to reverse-engineer.
Via: BleepingComputer
Sead is a seasoned freelance journalist based in Sarajevo, Bosnia and Herzegovina. He writes about IT (cloud, IoT, 5G, VPN) and cybersecurity (ransomware, data breaches, laws and regulations). In his career, spanning more than a decade, he’s written for numerous media outlets, including Al Jazeera Balkans. He’s also held several modules on content writing for Represent Communications.