Echelon is the name of an infostealer that is advertised online by its creator. The individual behind the Echelon Stealer is a cyber crook under the username 'Madcode.' The Echelon Stealer was publicly available on the GitHub platform. However, the administrators of the website have caught wind of it and have already removed several pages associated with the Echelon Stealer. Legitimate websites like GitHub do not allow malware on their platforms and will take down any content that may be perceived as unsafe. Despite the efforts of the GitHub administrators, the Echelon Stealer is still freely available online as other shady individuals have downloaded the content and are distributing it themselves.
The main goal of the Echelon Stealer is to obtain sensitive information from its targets. Infostealers, like the Echelon Stealer, are usually programmed to operate in a very stealthy manner in order to avoid raising any red flags. This makes sense as the longer the Echelon Stealer is able to operate on an infected host, the more information it can steal. Infostealers tend to target login credentials, personal conversations, sensitive files, etc. The main purpose of the Echelon Stealer is to get access to:
- Files related to cryptocurrency wallets.
- Specific filetypes.
- Database files, which are associated with the activity of popular Web browsers (Mozilla Firefox, Google Chrome, etc.).
- VPN and FTP login credentials.
The Echelon Stealer is a very potent threat that may use multiple infection vectors and infect a large number of users. To keep your system secure from threats like the Echelon Stealer, it is advisable to invest in a reputable, up-to-date anti-virus suite.