The already booming malware-as-a-service market got a new addition in January when a new info stealer malware called Stealc emerged on the dark web. Developed in Russia, its creators hope to earn some cash by selling it to other criminals who are looking for easier ways to steal users’ data online.
The creators let their “customers” test the virus before purchasing the service for a longer term. Subscription plans for this malicious software are $200 a month, $500 for three months, or $800 for six months.
At the end of last year, NordVPN released research about five million people whose data (such as logins, auto-fill forms, or device configuration information) was stolen by info stealers like RedLine, Vidar, or Racoon. Stealc malware is the newest addition to the family.
“For the hackers based in Russia, creating new malware is not only a way to earn money, but also an opportunity to show their political stance. In fact, the malware is banned for users from Ukraine,” says Adrianus Warmenhoven, cybersecurity advisor at NordVPN. “It is hard to say how much damage Stealc is causing, but a new player in the malware-as-a-service (MaaS) market means the industry is growing.
“Cybercriminals develop more sophisticated software that targets a broader range of browsers, browser extensions, and cryptocurrency wallets,” he says. “The only way for users to keep their data safe is by being cautious and using trustworthy anti-malware tools.”
Stealc malware is currently spreading around the Internet through malicious links in YouTube videos describing how to install cracked software for free, or torrent files.
MaaS (or malware-as-a-service) is a service that allows users to use already-developed malware and perform virus attacks. MaaS is like an evil twin of the software-as-a-service (SaaS) model. Typically, clients of such services are offered a personal account through which to control the attack, as well as technical support. It enables lay users to steal their targets’ data without much technical knowledge.
“Sometimes the user-friendliness and availability of MaaS services are surprising,” says Warmenhoven. “They may even have customer service, various discounts, bundle offers, and customer reviews. After having such a smooth experience stealing data, criminals can have an even smoother experience selling it on bot markets or other markets on the dark web.”
To protect their devices from new Stealc malware or any other kind of info stealer users should be cautious about the files they download online and the links they click.
“Downloading free software means that you could be paying cybercriminals with your own online data,” explains Warmenhoven. “The same goes for links promising too-good-to-be-true deals. Most of them appear online to spread dangerous malware.
“To protect yourself, use an antivirus or any other anti-malware software at all times,” he adds. “Other measures that could help – a password manager, and file encryption tools to make sure that even if a criminal infects your device, there is very little for them to steal.”