New ‘Planet Stealer’ Malware Emerges: Your Passwords and Crypto Wallets at Risk
A dangerous new malware named Planet Stealer is making its rounds in the cybercriminal underworld, and security experts warn that your passwords, cryptocurrency wallets, and other sensitive information could be in its sights.
Analyzed by researchers at InQuest, Planet Stealer is an “information stealer” trojan. This type of malware focuses on stealing a wide range of data from infected computers, and then sending it back to the attacker.
What Planet Stealer Can Do
Image: @suyog41
Planet Stealer’s creators advertise these nasty capabilities:
- Browser Hijacking: Planet Stealer hunts for stored logins, cookies, and browsing history from popular browsers like Chrome and Firefox.
- Cryptocurrency Theft: It seeks out cryptocurrency wallets, aiming to grab your digital currency assets.
- Messenger Mayhem: This malware attempts to steal logins for messaging apps and gaming platforms.
- Dodging Detection: Planet Stealer has some built-in tricks to try and evade sandboxes and other security tools.
How It Works
Planet Stealer often spreads as a disguised executable file and seems designed to work as a second-stage payload after another piece of malware gets the infection started.
Once running, it communicates with its command-and-control (C2) server. The seller promotes data exfiltration via Telegram, a common tactic for these types of threats. However, the C2 server infrastructure suggests a modern architecture likely built using Python libraries.
What’s the Risk?
Financially motivated cybercriminals regularly buy and deploy these “stealer” trojans. This makes Planet Stealer a potential danger for individuals and businesses alike. Stolen passwords can pave the way for account takeovers, while hijacked cryptocurrency wallets can lead to direct financial losses.
Protect Yourself
Staying protected from Planet Stealer and similar threats involves proactive cybersecurity practices:
- Be Wary of Attachments: Avoid opening email attachments unless you trust the source entirely.
- Software Updates: Keep your operating system and applications up-to-date.
- Strong Antivirus: Invest in reputable security software that includes real-time malware scanning.
- Password Best Practices: Use strong, unique passwords for every account, and consider using a password manager.
