{"id":376,"date":"2021-12-16T11:38:12","date_gmt":"2021-12-16T11:38:12","guid":{"rendered":"http:\/\/cryptoheretostay.com\/?p=376"},"modified":"2021-12-16T11:38:13","modified_gmt":"2021-12-16T11:38:13","slug":"cybersecurity-firm-spots-a-crypto-stealer-distributed-through-a-massive-email-spam-campaign-and-discord-channels","status":"publish","type":"post","link":"https:\/\/cryptoheretostay.com\/?p=376","title":{"rendered":"Cybersecurity Firm Spots a Crypto Stealer Distributed Through a Massive Email Spam Campaign and Discord Channels"},"content":{"rendered":"<p><strong>A crypto stealer seems to have spread through a massive spam campaign across several countries, including the United States, Australia, Japan, and Germany. The malware dubbed \u201cPanda Stealer\u201d has been spotted by a cybersecurity company. It is reportedly also distributed on Discord channels.<\/strong><\/p>\n<h2 style=\"text-align: center;\">Malware Can Also Steal Data From Telegram and Discord Apps<\/h2>\n<p>According to the report published by Trend Micro, the stealer is a variant of another malware named \u201cCollector Stealer,\u201d which utilizes the same algorithms to bypass most detection tools. The malware is contained within a malicious Excel file in a .xlsm format.<\/p>\n<p>Once the victim executes a series of PowerShell scripts in the infected document, Panda Stealer deploys its malicious processes. 
It collects sensitive crypto-related data, including private keys and records of past transactions performed with wallets from virtual currencies like dash (DASH), litecoin (LTC), and ethereum (ETH).<\/p>\n<p>Researchers from Trend Micro provided further technical details on the malware\u2019s similarities to other malware:<\/p>\n<p>Panda Stealer was found to be a variant of Collector Stealer, which has been sold on some underground forums and a Telegram channel. Collector Stealer has since been cracked by a Russian threat actor called NCP, also known as su1c1de. (\u2026) Like Panda Stealer, Collector Stealer exfiltrates information like cookies, login data, and web data from a compromised computer, storing them in an SQLite3 database. It also covers its tracks by deleting its stolen files and activity logs after its execution.<\/p>\n<p>But the stealer is not limited to catching digital asset-related data from victims. In fact, the study revealed that it has the technical capabilities to steal credentials from Telegram, NordVPN, and Discord, among others.<\/p>\n<p>Moreover, Panda Stealer can take screenshots from the users\u2019 computers and catch encrypted data in browsers, such as credit card information.<\/p>\n<h2 style=\"text-align: center;\">Recent Crypto Malware Stealers Spotted<\/h2>\n<p>Bitcoin.com News has reported the surge of crypto-malware over the past few months. Recently, a cryptocurrency-related malware program named \u201cWesteal\u201d has been advertised on darknet forums as the \u201cleading way to make money in 2021,\u201d raising alarms among the cybersecurity community.<\/p>\n<p>The system has the resources to steal bitcoin (BTC) and ethereum, but the malicious code works under a subscription model.<\/p>\n<p><em><strong>What do you think about the study revealed by the cybersecurity firm? 
Let us know in the comments section below.<\/strong><\/em><\/p>\n<p>Felipe Erazo <\/p>\n<p class=\"article__body__author__info__about\">\nBorn in Colombia, Felipe earned a degree in journalism at the University of Chile with the highest honor in the overall ranking and holds a Bachelor of Arts in Social Communication. He is a writer with more than nine years of experience, first in the Forex field and later in the crypto industry as an analyst\/news junkie. His topics of interest include human rights, decentralization, financial markets, geopolitics, sports, and new technologies. An inveterate traveler, and always attracted to a good plate of food.<\/p>\n<p class=\"images_credits\"><em>Image Credits: Shutterstock, Pixabay, Wiki Commons<\/em><\/p>\n<p><a href=\"https:\/\/news.bitcoin.com\/cybersecurity-firm-spots-a-crypto-stealer-distributed-through-a-massive-email-spam-campaign-and-discord-channels\/\" target=\"_blank\" rel=\"noopener\">Source<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p>A crypto stealer seems to have spread through a massive spam campaign across several countries, including the United States, Australia, Japan, and Germany. 
The malware dubbed \u201cPanda Stealer\u201d has been spotted by a cybersecurity company. It is reportedly also distributed on Discord channels. Malware Can Also Steal Data From Telegram and Discord Apps According to [&hellip;]<\/p>\n","protected":false},"author":1,"featured_media":377,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":"","_wp_rev_ctl_limit":""},"categories":[1],"tags":[],"class_list":["post-376","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-crypto-updates"],"_links":{"self":[{"href":"https:\/\/cryptoheretostay.com\/index.php?rest_route=\/wp\/v2\/posts\/376","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/cryptoheretostay.com\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/cryptoheretostay.com\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/cryptoheretostay.com\/index.php?rest_route=\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/cryptoheretostay.com\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=376"}],"version-history":[{"count":1,"href":"https:\/\/cryptoheretostay.com\/index.php?rest_route=\/wp\/v2\/posts\/376\/revisions"}],"predecessor-version":[{"id":378,"href":"https:\/\/cryptoheretostay.com\/index.php?rest_route=\/wp\/v2\/posts\/376\/revisions\/378"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/cryptoheretostay.com\/index.php?rest_route=\/wp\/v2\/media\/377"}],"wp:attachment":[{"href":"https:\/\/cryptoheretostay.com\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=376"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/cryptoheretostay.com\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=376"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/cryptoheretostay.com\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=376"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated
":true}]}}