Statc Stealer | Zscaler ThreatLabz Blog
www.zscaler.comBeware of Statc Stealer: Hidden in ads, it unleashes malicious files. Stay vigilant, protect your devices and data from this stealthy threat.
Summary
- Zscaler discovered a new information stealer called Statc Stealer.
- Statc Stealer is a sophisticated malware targeting Windows devices to steal sensitive information.
- The malware disguises itself as authentic Google ads (and .mp4 file) to infect systems.
- Stealing capabilities include data from web browsers, crypto wallets, credentials, and messaging apps including Telegram.
- Statc Stealer uses C++ code, evasion techniques, and encryption to hide its actions.
- The attack chain involves malvertising, dropper, downloader files, and PowerShell scripts.
- Stolen data is encrypted and sent to a command-and-control (C&C) server.
- Popular Windows browsers like Chrome, Edge, Brave, and others are targeted.
You must log in or register to comment.
A nice place to discuss rumors, happenings, innovations, and challenges in the technology sphere. We also welcome discussions on the intersections of technology and society. If it’s technological news or discussion of technology, it probably belongs here.
Remember the overriding ethos on Beehaw: Be(e) Nice. Each user you encounter here is a person, and should be treated with kindness (even if they’re wrong, or use a Linux distro you don’t like). Personal attacks will not be tolerated.
Subcommunities on Beehaw:
This community’s icon was made by Aaron Schneider, under the CC-BY-NC-SA 4.0 license.
- 0 users online
- 39 users / day
- 258 users / week
- 647 users / month
- 1.29K users / 6 months
- 1 subscriber
- 1.67K Posts
- 28.2K Comments
- Modlog
Let this be yet another reminder that you should always browse with some kind of AdBlock enabled.
No block, go watch ad!
Google probably while DRMing the web.
This is, as always from those anti-malware, blown up to sound scary. But this is run-of-the-mill malware, that might be of interest academically because of implementation details, but that’s it.
It’s still normal malware that requires a user executing a file they don’t know where it came from, and probably (article is unclear, and the links have probably been taken down) also giving it admin access.
You don’t need admin access to do a lot of damage on a windows system. From the user space, a malware can:
See this same class of malware at (unfortunate link, but you can see the detailed discussions there): https://www.reddit.com/r/Bitwarden/comments/14r29p6/meduza_stealer_will_steal_on_windows_browser/
The discussion doesn’t actually add much (as it’s people without any extra knowledge), but the linked article there mentions the ability to bypass UAC
In 2008 I went mac and never turned back. Please, don’t tell me about the rare invulnerability of OS X. I get that…I have had zero problems for 15 years. That’s right! No problems at all. Up until 2008, as a Windows user, it was every fucking day.
The only issue I ever had with malware on Windows was false positives, so I can’t complain either.
The usual thing to do is just not execute random executables. If you do that every day, then yeah, you’ll have a bunch of issues.
I’ve only gotten malware on windows once, and I was doing something pretty dodgy “downloading linux ISOs” while half asleep. But it requires some effort to stay away from and on mac you almost don’t have to think about it.
Macs do literally nothing I need a computer to do aside from web browsing, so I never got into them, always opting for thinkpads with windows or linux on them for my work machines and desktops with windows for gaming. If they fit your use case they are amazing though.