Source code for info-stealing malware released on hacking forums

The source code of an information-stealing malware written in Rust was published free of charge on hacking forums. Rust, a cross-platform language, enables threat actors to target multiple operating systems.

Security analysts report that the malware is already being used in attacks, but in its current form it targets only Windows operating systems.

According to Cyble researchers, the new info-stealer, called “Luca Stealer,” comes with standard capabilities. When executed, the malware attempts to steal stored credit cards, login credentials, and cookies from thirty Chrome-based web browsers.

The stealer also targets a number of “cold” cryptocurrency wallets and “hot” wallet browser add-ons, Steam accounts, Discord tokens, Ubisoft Play and others. In addition to targeting applications, the malware captures screenshots and stores them as .png files, and runs “whoami” to profile the host system and send the details to its operators.

The stolen data is exfiltrated via Discord webhooks or Telegram bots, depending on the size of the stolen file. Once the file exceeds 50 MB, the malware uses a Discord webhook to send the data back to the attackers.
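For defenders, the two channels described above can be hunted for in egress logs. The following is an added example, not code from Cyble or from the malware: it assumes a TLS-inspecting proxy or EDR feed with a constructed six-field line format (time, host, process, method, URL, bytes sent), and the process allowlist and sample lines are hypothetical.

```python
import re
from urllib.parse import urlsplit

# URL shapes of the two services the article names as exfiltration channels.
DISCORD_WEBHOOK = re.compile(r"^/api(?:/v\d+)?/webhooks/\d+/[\w-]+")
TELEGRAM_BOT = re.compile(r"^/bot\d+:[\w-]+/send\w+", re.I)
DISCORD_HOSTS = {"discord.com", "discordapp.com", "canary.discord.com", "ptb.discord.com"}
# Assumption: processes expected to reach these APIs in this environment.
ALLOWED_PROCESSES = {"discord.exe", "telegram.exe"}
SIZE_SPLIT = 50 * 1024 * 1024  # the 50 MB boundary stated in the article

# Constructed sample log lines (hosts, processes and tokens are made up).
SAMPLE_LOG = [
    "2022-07-26T10:01:02Z WS-014 chrome.exe GET https://discord.com/channels/@me 512",
    "2022-07-26T10:03:11Z WS-014 svc_update.exe POST https://api.telegram.org/bot123456:AAExampleToken/sendDocument 1048576",
    "2022-07-26T10:05:40Z WS-022 helper.exe POST https://discord.com/api/webhooks/111111111111111111/ExampleToken 73400320",
    "2022-07-26T10:06:00Z WS-022 Discord.exe POST https://discord.com/api/v9/channels/1/messages 300",
]

def classify(url):
    """Return the channel name if the URL is a webhook or bot API call."""
    parts = urlsplit(url)
    host = (parts.hostname or "").lower()
    if host in DISCORD_HOSTS and DISCORD_WEBHOOK.match(parts.path):
        return "discord-webhook"
    if host == "api.telegram.org" and TELEGRAM_BOT.match(parts.path):
        return "telegram-bot"
    return None

def hunt(log_lines):
    """Flag uploads to either channel from processes not on the allowlist."""
    findings = []
    for line in log_lines:
        fields = line.split()
        if len(fields) != 6:
            continue  # skip malformed lines rather than guessing
        ts, host, process, method, url, sent = fields
        channel = classify(url)
        if channel is None or method != "POST" or process.lower() in ALLOWED_PROCESSES:
            continue
        size = int(sent) if sent.isdigit() else 0
        # Per the article: Discord above 50 MB, Telegram otherwise.
        expected = "discord-webhook" if size > SIZE_SPLIT else "telegram-bot"
        findings.append({"time": ts, "host": host, "process": process,
                         "channel": channel, "bytes": size,
                         "matches_size_rule": channel == expected})
    return findings

if __name__ == "__main__":
    print(*hunt(SAMPLE_LOG), sep="\n")
```

A hit whose channel also matches the size rule is a stronger lead than either endpoint alone, since legitimate automation also uses webhooks and bot APIs.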

Unlike other info-stealers, Luca does not have a clipper, which is used to modify the contents of the clipboard to hijack cryptocurrency transactions.

The sources for this piece include an article in BleepingComputer.

IT World Canada Staff