Laturo Stealer
The Laturo Stealer is an infostealer that has been propagated online for some time now. There is nothing too extraordinary about the Laturo Stealer. In fact, it is rather similar to infostealers like the Masad Stealer and the GrandSteal infostealers. Threats of this type tend to function in a very consistent manner – they aim at infiltrating a targeted system, gain persistence on the host, operate quietly in the background, and attempt to collect as much information as they are capable of. The collected data is then transferred to the C&C (Command & Control) server that belongs to the attackers. It has been revealed that the same deceiving actors who are using the RIG Exploit Kit also are utilizing the Laturo Stealer. This means that it is either a threat developed by said group or it is a publicly available hacking tool, which anyone can purchase on certain underground hacking forums. If the latter is the case, the Laturo Stealer might prove to be a rather nasty pest as any shady individual can buy it and propagate it, which means more users may be exposed to it.
Capabilities
The Laturo Stealer does not have any capabilities, which make it stand out compared to other threats that belong to the infostealer class. Once it has gained persistence on the compromised machine, the Laturo Stealer will attempt to exfiltrate data from the host such as:
- Information stored in FTP folders.
- Files linked to a variety of cryptocurrency wallet services, such as 'wallet.dat' files.
- Session files of the Discord and Telegram chatting applications.
- Text files and documents, which may be stored on the user's desktop.
- Autofill forms.
- Web browser history.
- Saved login credentials.
- Browser cookies.
Sometimes, infostealers also target files linked to gaming platforms such as Epic Launcher, Steam and BattleNet.
It is important to keep all your software up to date as the criminals tend to utilize outdated applications to infiltrate their targets. Additionally, it is important to download and install a legitimate anti-malware tool, which will keep your system secure in the future.
