A hacker is giving away a stealer for free on a forum

3 weeks ago · 3 comments
post-image


Now even inexperienced cybercriminals can carry out attacks.

Cyble security analysts discovered an attacker's post on a cybercriminal forum in which he distributes the MiniStealer constructor and control panel for free. According to the hacker, the stealer can attack various operating systems, including Windows 7, 10 and 11.

Redistributable ZIP files contain a constructor installation file and malware control panel source code. The assembler also helps less experienced hackers create malicious payloads, primarily to attack FTP applications and Chromium-based browsers. In addition, the web panel can be used to retrieve stolen data from the target network.

MiniStealer is a 64-bit .NET binary that uses timestamping. MiniStealer uses several anti-parse checks to prevent sample debugging.

To detect profiling, the code checks to see if the COR_ENABLE_PROFILING environment variable is present and set to 1. MiniStealer also continuously checks to see if the payload is being debugged.

For an FTP application, it steals data from configuration files. For browsers, it copies certain files to the AppData/Browser directory, which stores the user's session and login credentials.

After the release of the MiniStealer, the same cybercriminal published a post in which he was selling a Parrot Stealer assembler and panel for $50. According to him, the Parrot Stealer is a modified version of the MiniStealer.

Experts said that the availability of free malware collectors and panels helps hackers carry out successful attacks in less time. Because the hijacker targets various Windows operating systems, this threat must be treated with caution. In addition, the promotion of freeware malware only encourages and increases the number of cyberattacks.

User Reviews

Guest 2 weeks ago

The availability of free malware builders and panels can assist TAs in carrying out attacks, as TAs do not need to invest time and money to get malware payloads for cybercrime purposes.

Guest 2 weeks ago

On what form can you see it?

Guest 2 weeks ago

Is free???

Comment