A new info-stealing malware is running active campaigns against Windows users, according to the researchers. Identified as Statc stealer, the malware can pilfer various types of sensitive information, including browser details and stored data.
Statc Stealer Threatens Windows Systems
In a recent report, researchers from Zscaler ThreatLabz have shared insights about a newly detected malware targeting Windows systems.
As elaborated, the malware, identified as Statc stealer, constitutes a new family of malware exhibiting diversified evasive and data-stealing capabilities.
Specifically, Statc is a C++ malware with effective detection capabilities for reverse engineering and sandbox environments. The malware spreads via malvertising, often mimicking legit advertisements to trick users. Clicking on an ad downloads the malware dropper on the device, where it further downloads a decoy PDF installer and another binary file that downloads the Statc payload via PowerShell script.
Once established on the device, Statc begins performing data-stealing activities, pilfering browser details and stored data from the browsers, including login credentials and crypto wallets, transmitting all stolen data to its C&C server.
If the user stored personal details in the browser for auto-filling forms, then the user also risks identity theft due to this activity. The malware can target various popular Windows browsers, such as Google Chrome, Mozilla Firefox, Microsoft Edge, Opera, Brave, and Yandex.
Alongside browser data, the malware also exploits Windows Process Monitor (ProcMon) component to steal other information, such as Anydesk and Telegram data.
After stealing the desired information, it stores the data as text files in the Temp folder, from where it transmits to the C&C after encryption.
Besides data stealing, Statc malware also exhibits evasive capabilities to bypass security controls.
While the malware presently targets Windows systems only, it remains unclear if the attackers plan to enhance Statc’s capabilities to target other systems as well.
As always, the key to evading Statc and similar malware infections is to avoid clicking on irrelevant links, advertisements, and unsolicited messages. Moreover, users must equip all their devices with robust anti-malware programs.
Let us know your thoughts in the comments.