Introduction to Styx Stealer Malware
Check Point Research recently identified a new and significant threat to cryptocurrency users: the Styx Stealer malware. This malicious software steals sensitive information and cryptocurrency. For the latter it uses a technique called clipping: it intercepts and alters the recipient’s wallet address during a transaction, diverting the funds to the attacker’s account.
Styx Stealer: A Rental-Based Threat
The Styx Stealer malware is being rented out through its developer’s website. Prices are set at $75 per month or $350 for a lifetime license. Launched in April, the malware has already been linked to several attacks. It is based on an older malware called Phemedrone Stealer but includes enhanced features like detection evasion tactics and a new crypto clipper function.
Accidental Discovery of Styx Stealer
Researchers discovered Styx Stealer when the developer accidentally leaked data during debugging. This leak allowed them to trace the malware’s origins and gather essential information about its operations. They found that the developer, located in Turkey, earned about $9,500 in cryptocurrency payments in the first two months of the malware’s release. These payments were linked to eight cryptocurrency wallets.
Exploiting Vulnerabilities and Targeting Users
Styx Stealer exploits a vulnerability in Microsoft Windows Defender that was patched last year. Users who keep their systems updated are protected against it, but those who haven’t updated are still at risk. The website promoting Styx Stealer originally provided detailed pricing and product information but was altered on August 16 to feature a different product. Purchases were made through Telegram using various cryptocurrencies, including Bitcoin and Tether. Check Point Research also identified the developer’s Telegram accounts, email addresses, and phone numbers, offering leads for further investigation.
Decline in Illicit Crypto Transactions in 2024
Despite the rise in specific cybercrimes, a recent Chainalysis report noted a decrease in overall illicit cryptocurrency transactions in 2024. However, hacking and ransomware attacks have become more common. The report, released on August 15, revealed that by the end of July 2024, the value of stolen cryptocurrencies had increased by 84%, reaching $1.58 billion. Although the number of hacking incidents only rose slightly (2.8% year-over-year), the average amount stolen per hack surged.
Significant July 2024 Hacks
A major attack on July 18 targeted the Indian crypto exchange WazirX, resulting in over $230 million in losses. This incident accounted for 86.4% of the total losses for the month and highlights the ongoing risks in the cryptocurrency sector, even though overall illicit transactions have decreased.
The post Windows Users Beware: Styx Stealer Malware Can Clip Your Crypto Transactions appeared first on Cryptonews.