Malware Campaign Sells Storm Infostealer as Legitimate Browser Extension, Targeting Wallets & Accounts
Storm Infostealer Malicious Software Exploits Browser Encryption Weaknesses
In a recent discovery, cybersecurity researchers have uncovered a sophisticated malicious software known as Storm infostealer, designed to bypass Google Chrome’s encryption and exploit vulnerabilities in various web browsers.
“According to our research, Storm infostealer employs a technique called server-side decryption to evade detection by antivirus software.” – Cybersecurity Researcher
Malware Capabilities and Objectives
- Bypassing Google Chrome’s encryption to harvest browser credentials and session cookies
- Targeting other Chromium-based browsers such as Microsoft Edge and Firefox, as well as Gecko-based browsers like Waterfox
- Exploiting vulnerabilities in Telegram, Signal, and Discord accounts, as well as cryptocurrency wallets on platforms like Binance and Coinbase
- Capturing screenshots across multiple monitors to gather more information about the user’s activities
Pricing Tiers and Distribution
- Marketed as a subscription service with different pricing tiers ranging from $300 for a seven-day trial to $1,800 for professional use
- Discovered in 1,715 instances of compromised systems in countries such as India, Brazil, the United States, and the United Kingdom
Recommendations for Protection Against Storm Infostealer
Users should manually log out of sensitive banking or cryptocurrency accounts when finished, rather than relying on session cookies.
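To make the reasoning behind this recommendation concrete, here is an added illustration (not code from the article or from any product it mentions) contrasting two hypothetical session designs: a server-side session store, where logging out deletes the record so a copied cookie is useless afterwards, and a stateless expiry-only cookie, where a copied value keeps verifying until it expires. All names, keys and users are constructed for the example.

```python
import hmac, hashlib, secrets, time

SECRET = secrets.token_bytes(32)  # constructed server-side signing key


class SessionStore:
    """Stateful sessions: logout deletes the record, so a stolen cookie
    value stops authenticating immediately."""

    def __init__(self):
        self.sessions = {}

    def login(self, user):
        sid = secrets.token_urlsafe(32)
        self.sessions[sid] = {"user": user, "created": time.time()}
        return sid

    def logout(self, sid):
        self.sessions.pop(sid, None)

    def authenticate(self, sid):
        rec = self.sessions.get(sid)
        return rec["user"] if rec else None


def issue_signed_cookie(user, ttl=7 * 24 * 3600, now=None):
    """Stateless signed cookie carrying only an expiry: nothing exists
    server-side to revoke, so a copied cookie replays until it expires."""
    exp = int((time.time() if now is None else now) + ttl)
    payload = f"{user}|{exp}".encode()
    tag = hmac.new(SECRET, payload, hashlib.sha256).hexdigest()
    return f"{payload.decode()}|{tag}"


def verify_signed_cookie(cookie, now=None):
    try:
        user, exp, tag = cookie.split("|")
    except ValueError:
        return None
    payload = f"{user}|{exp}".encode()
    expected = hmac.new(SECRET, payload, hashlib.sha256).hexdigest()
    if not hmac.compare_digest(tag, expected):
        return None  # tampered or forged cookie
    if int(exp) <= (time.time() if now is None else now):
        return None  # expired
    return user


def demo():
    store = SessionStore()
    sid = store.login("alice")
    stolen = sid  # constructed: value copied out of the browser's cookie DB
    before = store.authenticate(stolen)
    store.logout(sid)  # the user logs out manually
    after = store.authenticate(stolen)  # replay now fails
    cookie = issue_signed_cookie("alice")  # no logout possible here
    return before, after, verify_signed_cookie(cookie)
```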
“It’s essential to understand that the stolen sessions serve as a starting point for more severe attacks, ultimately leading to complete account takeovers despite strong passwords.” – Cybersecurity Expert
By understanding the tactics employed by Storm infostealer and implementing effective countermeasures, individuals can significantly reduce the risk of falling prey to this sophisticated malware.
