Grakate Stealer

Grakate Stealer is a potent malware threat with numerous nefarious capabilities revolving around obtaining sensitive and private information from its victims. The threat is being offered for sale on underground hacker forums. The creators of the threat have established two payment tiers - a lifetime subscription priced at 2000 rubles, and a monthly one that runs for 490 rubles per month.

If Grakate Stealer manages to infect the target's computer, it can have grave consequences. The malware will attack any Chromium-based and Gecko Web browsers and harvest the saved autofill data, passwords, account credentials, cookies, payment information and more. The attackers also can instruct the threat to target several crypto-wallet applications, such as Atomic, Electrum, Ethereum, Exodus and ZCash, and steal their wallet.dat files. Grakate also can compromise the victim's account for popular apps and social media platforms such as Discord and Telegram.

The expanded functionality of the malware allows it to perform additional cyberespionage activities as well. Grakate can take arbitrary screenshots of the system's desktop and acquire the device's IP address and geolocation. Furthermore, it can collect .cpp, .rdp, . doc, .docx, .h, .hpp, and .txt files from the desktop of the breached device.

The risks posed by Grakate Stealer are significant and should not be underestimated. The attackers can abuse the collected data to make fraudulent purchases, transfer the funds of the victims into accounts under their control and more.