The CYFIRMA team has uncovered "Kematian-Stealer," a sophisticated info stealer targeting Windows systems, hosted on GitHub. This open-source malware is designed to stealthily extract data from a wide range of sources, including browsers, cryptocurrency wallets, messaging apps, gaming platforms, VPNs, and email clients.
 
Kematian-Stealer employs advanced techniques such as covert data extraction, persistence mechanisms, detection evasion, in-memory execution, and data exfiltration via Discord webhooks. It can also download and execute additional scripts and payloads directly into memory. The builder for Kematian-Stealer, also hosted on GitHub, allows users to customize and deploy the malware. Features and C2 server details can be configured through a web interface.

Link to the Research Report: Kematian-Stealer : A Deep Dive into a New Information Stealer - CYFIRMA
 
#CyberSecurity#InfoStealer#KematianStealer#ThreatDetection#CyberThreats#StaySafe#CYFIRMA#CYFIRMAResearch

https://www.cyfirma.com/