BlackGuard Stealer

The BlackGuard Stealer is an infostealer malware written in the C# programming language. The threat is being offered for sale on various hacker forums. The creators of the malware have set two payment tiers for their cybercriminal clients. Access to the BlackGuard Stealer can be purchased for $200 a month or by making a one-time payment of $700.

The harmful capabilities of the threat, include the collection of sensitive information, such as passwords, autofill browser data, cookie information and more. BlackGuard can extract data from numerous crypto-wallet applications, such as Atomic Wallet, Electrum, Ethereum, Litecoin Core, Monero, Jaxx, and Zcash if they are installed on the system. Furthermore, the malware can access wallets installed on Chrome or the Edge browser. The targets include Binance, BitApp, Metamask, XinPlay, and more, on Chrome and Aubetas, Math, Metamask, Ronin, Yoroi and ZilPay on Edge. 

Other users' applications are not safe from BlackGuard Stealer infiltration as well. The popular PC game store Steam or the Discord, Telegram and Pidgin clients can have their data compromised. Even VPN clients including NordVPN, OpenVPN and PRotonVPN, can be affected by BlackGuard Stealer. Finally, the list of targeted applications includes FTP clients, such as TotalCommander, FileZilla and WinSCP. It is clear that a BlackGuard Stealer infection could have serious consequences for the victims.