Styx Stealer can steal data and redirect crypto transactions from an exposed computer to the hacker’s wallet.
Cybersecurity solutions provider Check Point Research has identified a novel malware known as Styx Stealer. The newly discovered malware can pilfer an enormous amount of data, and it can steal cryptocurrency through a mechanism known as clipping. It is offered for rent on the developer's website.
Since Styx Stealer is dependent on a vulnerability in Microsoft Windows Defender that was resolved last year, Windows users who have an up-to-date operating system are protected from the malware.
Styx Stealer Malware has been enhanced to facilitate theft of cryptocurrency
The developer suffered a data breach during debugging, which led to the discovery of Styx Stealer. It is a descendant of an older malware known as Phemedrone Stealer. It retains the capabilities of Phemedrone Stealer, including the ability to siphon saved passwords, cookies, auto-fill data, cryptocurrency wallet data, and instant messenger sessions. Additionally, it incorporates new detection evasion techniques and includes a crypto clipper function.
In cryptocurrency clipping, malware replaces the recipient's wallet address with the bad actor's address during a transaction.
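One way a defender could spot the address substitution described above, as an added example that is not from Check Point Research or the original article: it flags clipboard history in which a wallet-shaped value is replaced by a different value of the same shape within a short interval. The address patterns, the 500 ms threshold and the event list are assumptions constructed for illustration.

```python
import re

# Assumption: common public address shapes, chosen for this example only.
# The article does not say which coins the clipper targets.
ADDRESS_SHAPES = {
    "btc": re.compile(r"(?:[13][1-9A-HJ-NP-Za-km-z]{25,34}|bc1[02-9ac-hj-np-z]{11,71})"),
    "eth": re.compile(r"0x[0-9a-fA-F]{40}"),
    "trx": re.compile(r"T[1-9A-HJ-NP-Za-km-z]{33}"),
}


def address_kind(text):
    """Return the coin label whose address shape the whole string matches, else None."""
    value = text.strip()
    for kind, shape in ADDRESS_SHAPES.items():
        if shape.fullmatch(value):
            return kind
    return None


def find_swaps(events, max_gap_ms=500):
    """Flag clipboard changes where one address replaces another of the same kind
    faster than a person could plausibly copy a second one.

    events: time-ordered (timestamp_ms, clipboard_text) tuples.
    max_gap_ms: hypothetical threshold; tune it against real telemetry.
    """
    findings = []
    for (t_prev, prev), (t_cur, cur) in zip(events, events[1:]):
        kind = address_kind(prev)
        if kind and kind == address_kind(cur) and prev.strip() != cur.strip():
            gap = t_cur - t_prev
            if gap <= max_gap_ms:
                findings.append((kind, prev.strip(), cur.strip(), gap))
    return findings


# Constructed sample data: these are not real wallet addresses.
COPIED = "0x" + "11" * 20
SWAPPED = "0x" + "22" * 20
LATER = "0x" + "33" * 20
EVENTS = [
    (1_000, "meeting notes"),
    (5_000, COPIED),     # user copies the recipient address
    (5_040, SWAPPED),    # overwritten 40 ms later: flagged
    (90_000, LATER),     # a different address copied much later: not flagged
    (90_100, "thanks"),  # non-address text: not flagged
]

if __name__ == "__main__":
    for kind, before, after, gap in find_swaps(EVENTS):
        print(f"possible clipper: {kind} address {before} replaced by {after} after {gap} ms")
```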
Styx Stealer was introduced in April and is available for licensing at a rate of $75 per month or $350 for a lifetime license. The pricing and features were displayed on the styxcrypter.com website until midday on Aug. 16, at which point they were replaced with information about an alternative product. Transactions are conducted through Telegram and can be paid in Bitcoin, Litecoin, Tron, Tether, or Monero. On YouTube, there were also videos that provided explanations.
Is hacking now a profession in 2024?
In the first two months of its operation, the Styx Stealer developer, based in Turkey, was believed to have received approximately $9,500 in cryptocurrency as payment for the malware. Check Point Research identified eight wallets that were likely associated with the developer.
The developer’s email addresses, phone numbers, contacts, and Telegram accounts were also obtained by Check Point Research.
Legitimate cryptocurrency activity is expanding at a faster pace than illicit activity, as indicated by a report published by Chainalysis on August 15. However, the value of the compromised cryptocurrency has increased. The price recovery of Bitcoin is at least partially responsible for this. The number of cybercrime incidents in 2024 has only slightly increased year over year.