Chasing Eddies: New Rust-based InfoStealer used in CAPTCHA campaigns
NetmanageIT OpenCTI - opencti.netmanageit.com
SUMMARY :
A novel Rust-based infostealer called EDDIESTEALER has been discovered, distributed through fake CAPTCHA campaigns. The malware uses deceptive verification pages to trick users into executing a malicious PowerShell script, which deploys the infostealer. EDDIESTEALER targets sensitive data including credentials, browser information, and cryptocurrency wallet details. It communicates with a command and control server to receive tasks and exfiltrate data. The malware employs string obfuscation, API obfuscation, and other evasion techniques. It specifically targets various crypto wallets, browsers, password managers, FTP clients, and messaging applications. The use of Rust in its development reflects a growing trend among threat actors seeking enhanced stealth and resilience against traditional analysis methods.
OPENCTI LABELS :
powershell,data exfiltration,infostealer,rust,cryptocurrency,captcha,eddiestealer
Open in NetmanageIT OpenCTI Public Instance with below link!
Use public read only username and password on login page.
NOTE : Use Public READ only user credentials on login page banner.
Chasing Eddies: New Rust-based InfoStealer used in CAPTCHA campaigns