October 20, 2023 at 05:57AM
ExelaStealer, a new information stealer, has emerged in the crowded world of off-the-shelf malware. It is an open-source infostealer with customizable features, capable of stealing various types of sensitive data from compromised Windows systems. ExelaStealer is sold on cybercrime forums and a dedicated Telegram channel for as low as $20 a month. It primarily targets newbies due to its affordable price, making it an accessible hacking tool. The malware masquerades as a PDF document and is distributed through phishing or watering hole attacks. The disclosure highlights the continuous threat of data exfiltration and the existence of new players in the infostealer landscape.
Summary:
The meeting notes discuss a new information stealer called ExelaStealer, which is a form of malware designed to capture sensitive data from compromised Windows systems. It is an open-source infostealer with customizations available for purchase. ExelaStealer is capable of stealing passwords, Discord tokens, credit cards, cookies, session data, keystrokes, screenshots, and clipboard content. It is being distributed via an executable that masquerades as a PDF document, suggesting that the initial intrusion vector could be phishing or watering holes. The low cost of this malware makes it attractive to new hackers and lowers the barrier to entry for malicious attacks. It is important for organizations to be aware of this threat and take steps to protect themselves. Additionally, the meeting notes mention other recent cybersecurity events, such as a campaign targeting government and non-profit organizations for cryptocurrency mining and data theft, as well as a joint advisory from U.S. cybersecurity and intelligence agencies about common phishing techniques used by malicious actors.