In yet another sign of a lucrative crimeware-as-a-service (CaaS) ecosystem, cybersecurity researchers have discovered a new Windows-based information stealer called Meduza Stealer that’s actively being developed by its author to evade detection by software solutions.
“The Meduza Stealer has a singular objective: comprehensive data theft,” Uptycs said in a new report. “It pilfers users’ browsing activities, extracting a wide array of browser-related data.”
“From critical login credentials to the valuable record of browsing history and meticulously curated bookmarks, no digital artifact is safe. Even crypto wallet extensions, password managers, and 2FA extensions are vulnerable.”