"Venom Stealer is a newly discovered kit available through malware-as-a-service (MaaS) to anybody wishing to use it. It is not sold but provided on license at $250 per month or $1,800 for lifetime usage."
"Each licensed operator configures their own custom domain via Cloudflare DNS. This way, the infostealer URL never appears in any issued commands."
"The pre-built ClickFix templates include a fake Cloudflare CAPTCHA, a fake OS update, a fake SSL certificate error, and a fake font install page."
"If successful, the Venom Stealer payload is installed and executed. It sweeps every Chromium and Firefox browser on the system."
Infostealers are increasingly sophisticated tools used by cybercriminals to steal credentials. Venom Stealer, a new malware-as-a-service kit, is available for licensing at $250 per month or $1,800 for lifetime access. It allows users to configure custom domains to mask the infostealer's URL. The kit includes social engineering lures to install its payload, targeting Windows and macOS systems. Once executed, it extracts sensitive data from browsers, including passwords and cryptocurrency wallet information.
Read at SecurityWeek
Unable to calculate read time
Collection
[
|
...
]