The CollectorStealer threat is being sold as a malware-as-a-commodity on various underground hacking forums. The CollectorStealer is used to locate and collect data from compromised hosts. What makes this threat rather threatening is that it is being sold at a low price. Ill-minded actors who want to get their hands on the CollectorStealer threat can subscribe for it for as low as $12. The highest price one can pay for CollectorStealer is $75, which will grant them additional features. The affordable price of CollectorStealer might mean that hundreds of nefarious actors have obtained the threat and are distributing it via various infection vectors.
Once the CollectorStealer compromises a targeted PC, its operators can collect:
- Browser history.
- Autofill forms.
- Saved login credentials.
- Files related to gaming platforms like BattleNET and Steam.
- VPN credentials.
- VPN configuration data.
- Telegram and Discord sessions.
- Chat logs and login credentials from Pidgin, Facebook Messenger, and similar instant messaging applications.
- Cryptocurrency related data such as '.wallet' and '.dat' files.
Since there are multiple cybercriminals who are propagating the CollectorStealer threat, there may be various distribution methods. If you want to keep your system safe from CollectorStealer, make sure you download and install a legitimate, modern anti-spyware suite.