SantaStealer stuffs credentials, crypto wallets into a brand new bag
TL;DR
SantaStealer, a new modular infostealer sold on Telegram for $175/month, claims to evade detection on high-security systems but is currently easy to analyze and detect, according to security researchers.
Source: The Register
A new, modular infostealer called SantaStealer, advertised on Telegram with a basic tier priced at $175 per month, promises to make criminals' Christmas dreams come true. It boasts that it can run "fully undetected" even on systems with the "strictest AntiVirus" and those belonging to governments, financial institutions, and other prime targets. Its Russian-speaking operators released the credential- and wallet-stealing malware on Monday, and while infostealers are never welcome news, it does come with a gift to defenders: the samples seen to date are "far from undetectable" and very easy to analyze. This is according to Rapid7 security researcher Milan Špinka, who posted a blog about the stealer shortly before the malware developers released their shiny new tool. Full Story