Summary

  • Zscaler discovered a new information stealer called Statc Stealer.
  • Statc Stealer is a sophisticated malware targeting Windows devices to steal sensitive information.
  • The malware disguises itself as authentic Google ads (and an .mp4 file) to infect systems.
  • Stealing capabilities include data from web browsers, crypto wallets, credentials, and messaging apps including Telegram.
  • Statc Stealer uses C++ code, evasion techniques, and encryption to hide its actions.
  • The attack chain involves malvertising, dropper, downloader files, and PowerShell scripts.
  • Stolen data is encrypted and sent to a command-and-control (C&C) server.
  • Popular Windows browsers like Chrome, Edge, Brave, and others are targeted.
  • Dee@lemmings.world

    The malware disguises itself as authentic Google ads

    Let this be yet another reminder that you should always browse with some kind of AdBlock enabled.

    • Haui

      No block, go watch ad!

      Google probably while DRMing the web.