Malware Warning: The New Meduza Stealer Is Dominating the Dark Web

In the shadowy realms of the Dark Web, a formidable threat has emerged, sending shockwaves through cybersecurity circles. The ominous specter known as the Meduza Stealer has swiftly risen to prominence, casting a pervasive shadow over digital landscapes. This insidious malware has become a dominant force, demonstrating its prowess in stealth and infiltration. As organizations and individuals navigate the perilous waters of cyberspace, the emergence of the Meduza Stealer serves as a stark reminder of the evolving landscape of cyber threats. In this ominous digital realm, vigilance and proactive cybersecurity measures have never been more crucial.

On Christmas Eve, the HUNTER unit of Resecurity made a significant finding. Instead of unwrapping presents, its analysts were examining the most recent version of the password stealer known as Meduza.

According to cybersecurity analysts, the new release, version 2.2, brings substantial enhancements. The specialists believe it is now capable of competing with other password stealers such as Vidar, Azorult, and Raccoon Stealer.

All of these are infamous for stealing money from online banking accounts, which makes them a preferred choice among threat actors.

Meduza Stealer’s New Version Comes with Several Improvements

The blog post published by Resecurity on December 27th stated that version 2.2 of Meduza includes a number of significant enhancements, one of which is extended support for a variety of software clients.

Browser-based cryptocurrency wallets, an improved credit card (CC) grabber, and more sophisticated techniques for dumping password stores across a variety of platforms are among the enhancements that have been implemented. This development establishes Meduza as a powerful and adaptable instrument for cybercriminals looking to get their hands on unlawful earnings.

Versatility and Platform Support

After making its debut on the XSS underground forum, Meduza received favorable comments from members of well-established communities such as Exploit.

At present, it supports Windows Server editions (2012/2016/2019/2022) as well as Windows 10 and 11. Because the author was able to demonstrate smooth operation across all of these editions, the cyber underworld has praised the author for the tool's stability and reliability.

In addition, Meduza stands out for its capacity to extract data from a wide variety of well-known software applications. The long list includes support for 106 browsers, 107 cryptocurrency wallets, a variety of file extensions via the FileGrabber module, messaging applications such as Telegram, gaming platforms such as Steam and Discord, password managers, virtual private network (VPN) solutions such as OpenVPN, and even email clients such as Outlook.

What Browsers Does Meduza Support?

According to a report by Security Affairs, the browsers that are supported fall into two categories: those that are based on Gecko and those that are. Google Chrome, Microsoft Edge, Firefox, and a great number of other browsers are among the notable ones mentioned. In addition, the incorporation of clients for Discord and Telegram further broadens the reach of Meduza, demonstrating the platform’s capacity to adapt to changing digital environments.

Browsers are not the popular stealer's only targets. Meduza's capabilities extend to password managers and bitcoin wallets. The software covers a wide variety of crypto extensions, such as MetaMask, BinanceChain, and Coin98, in addition to well-known desktop cryptocurrency wallets such as Coinomi, Exodus, and Electrum.

Thanks to its full support for password managers, Meduza is able to infiltrate and harvest critical information from widely used password managers such as LastPass, Bitwarden, and 1Password.

The development of Meduza is further evidence that the never-ending cat-and-mouse game between threat actors and cybersecurity specialists is not going to end any time soon. As corporations continue to adjust their preventative measures, hackers become more adept at evading whatever security defenses are present on a given system.

In the three days following Christmas, the DragonForce ransomware group launched an attack against the Ohio Lottery, which resulted in the lottery being temporarily shut down.

The gaming system continued to function normally in spite of the cyberattack, which occurred yesterday. However, users were cautioned against putting any money into the mobile app or website until the issue was rectified.