MaaS Appeal: An Infostealer Rises From The Ashes

SUMMARY :

NOVABLIGHT is a NodeJS-based Malware-as-a-Service (MaaS) information stealer developed by a French-speaking threat group. It's sold as an educational tool but used for credential theft and cryptowallet compromise. The malware features heavy obfuscation, multiple anti-analysis techniques, and various data exfiltration methods. It can disable Windows Defender, sabotage system recovery, and inject malicious code into popular Electron-based applications. NOVABLIGHT employs comprehensive system enumeration, captures screenshots and webcam footage, and steals passwords from various sources. The threat actors use Telegram and Discord for sales and support, with licenses valid for up to a year.

OPENCTI LABELS :

data exfiltration,infostealer,credential theft,obfuscation,anti-analysis,electron,maas,nodejs,nova sentinel,malicord,novablight


Open in NetmanageIT OpenCTI Public Instance with below link!


Use public read only username and password on login page.

NOTE : Use Public READ only user credentials on login page banner.


MaaS Appeal: An Infostealer Rises From The Ashes