This devious malware is pretending to be gaming cheats, so watch out
Cybercriminals are trying to spread new information-stealing malware by presenting it as gaming cheats and hacks.
According to cybersecurity researchers at Cluster25, the malware, dubbed “Erbium”, is offered as malware-as-a-service, meaning that whoever pays the monthly fee can use all its features.
At the moment, the tool is distributed as a game crack, but that could change at any time should another threat actor rent it or go after a different type of victim.
Cheaper than RedLine Stealer
Erbium is comparable to the infamous RedLine Stealer in its capabilities, but is available at a fraction of the cost.
The researchers say it can steal information stored in popular browsers (passwords, cookies, payment details, autofill information, etc.), data from cryptocurrency wallets (Atomic, Exodus, Electrum, and many others), and two-factor authentication codes from a number of tools (Trezor Password Manager, EOS Authenticator, Authy 2FA, Authenticator 2FA). It can also take screenshots and grab Steam and Discord tokens and Telegram authentication files.
At the same time, it is considerably cheaper than RedLine, reportedly costing only $100 for a monthly subscription, or $1,000 for an annual license. While this may still sound like a lot, it is about a third of what RedLine charges. It is also worth noting that Erbium’s price rose from $9, indicating not only strong demand but rising popularity.
The hacking community has also praised the creators of Erbium for all their hard work and the fact that they listen to and implement the community’s feedback.
Speaking of the creators, Cluster25 hasn’t established who the authors are, but last summer found that Erbium was being promoted on Russian-speaking forums.
At the same time, endpoints in the US, France, Colombia, Spain, Italy, India, Vietnam and Malaysia were affected.
Via: BleepingComputer