Carding Forum
A fresh digital predator bypasses security and is encrypted against detection.
Cyfirma experts have released a report on the Mint Stealer malware operating on the "malware as a service" (MaaS) model. This virus specializes in stealing confidential data and uses advanced methods to bypass security.
Mint Stealer targets a wide range of data: information from web browsers, cryptocurrency wallets, game credentials, VPN clients, instant messengers, and FTP clients. The virus uses encryption and obfuscation to hide its actions.
Mint Stealer is sold through specialized sites, and users are supported through Telegram. The virus container acts as a "dropper", a program that delivers the main malicious code in compressed form.
Stages of Mint Stealer Operation:
- The first stage. The virus extracts the payload from its resource partition and creates temporary files on the user's system.
- The second stage. Launch uploaded files and prepare for data collection.
- The third stage. Collect information, including data from browsers, wallets, games, VPNs, instant messengers, and FTP clients.
Mint Stealer collects data from various applications, including browsers (Opera, Firefox, Edge), crypto wallets (Exodus, Electrum), game accounts (Battle.net, Minecraft), VPN clients (Proton VPN), and instant messengers (Skype, Telegram). It also collects system information and monitors the clipboard.
After collecting the data, the virus creates an archive and uploads it to free file sharing sites. The URL of the downloaded file is sent to the command server of the virus. Interestingly, data is transmitted to the server via an unsecured connection.
Mint Stealer is a serious threat to cybersecurity, as it is able to steal a wide range of data and avoid detection. The virus is actively sold through specialized sites and receives updates to bypass antivirus programs.
For protection against Mint Stealer, we recommend:
- don't open files from unverified sources;
- use reliable antivirus software;
- update all software regularly;
- be alert to possible social engineering attacks.
These measures will help reduce the risk of infection and protect important data from theft.
Source
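The exfiltration pattern described in the post (an archive uploaded to a free file-sharing site, then the file's URL sent to the command server over an unsecured connection) can be hunted for in web-proxy logs. The following is an added example, not part of the original post or the Cyfirma report; the record layout, host names, thresholds and log lines are all constructed assumptions.

```python
import re
from urllib.parse import urlparse

# Assumed watchlist of free file-sharing hosts; placeholder names, not from the report.
FILE_SHARE_HOSTS = {"share.example", "files.example"}
WINDOW_SECONDS = 300        # assumed max gap between upload and the follow-up request
MIN_UPLOAD_BYTES = 100_000  # assumed floor, filters out small form posts

URL_RE = re.compile(r"https?://[^\s\"'&]+")

# Constructed proxy records: (epoch, client, scheme, method, dest_host, bytes_out, request_data)
SAMPLE_LOG = [
    (1000, "ws-17", "https", "POST", "share.example", 4_200_000, ""),
    (1042, "ws-17", "http", "POST", "203.0.113.50", 310, "id=7&link=https://share.example/d/aB3x"),
    (1100, "ws-22", "https", "POST", "share.example", 900_000, ""),
    (1130, "ws-22", "https", "POST", "chat.example", 500, "msg=https://share.example/d/Zz9"),
    (2000, "ws-31", "http", "GET", "203.0.113.50", 120, "q=weather"),
]

def shared_links(data):
    """Return URLs in request data that point at a watched file-sharing host."""
    return [u for u in URL_RE.findall(data) if urlparse(u).hostname in FILE_SHARE_HOSTS]

def find_exfil_pairs(records):
    """Pair a large upload with a later cleartext request carrying a share link."""
    alerts, last_upload = [], {}
    for ts, client, scheme, method, dest, sent, data in sorted(records):
        if dest in FILE_SHARE_HOSTS and method in ("POST", "PUT") and sent >= MIN_UPLOAD_BYTES:
            last_upload[client] = ts   # remember when this client last uploaded
            continue
        links = shared_links(data)
        recent = client in last_upload and ts - last_upload[client] <= WINDOW_SECONDS
        # Cleartext HTTP carrying a share link shortly after an upload is the signal.
        if scheme == "http" and links and recent:
            alerts.append({"client": client, "dest": dest, "link": links[0],
                           "delay": ts - last_upload[client]})
    return alerts

if __name__ == "__main__":
    for alert in find_exfil_pairs(SAMPLE_LOG):
        print(alert)
```

Only the `ws-17` pair is flagged in the sample data: `ws-22` shares its link over HTTPS, and `ws-31` has no preceding upload.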