MoistStealer Malware Description
The MoistStealer Malware is a threat that cyber attackers use to collect personal data from PC users. It is also known to act as a “clipper”: it detects cryptocurrency wallet addresses saved on a victim’s clipboard and replaces them with addresses of wallets controlled by the operators of the malware. MoistStealer is written in the C# programming language, and it is currently sold on underground hacking forums for 499 Rubles with the buyers’ wallets in the clipper. The tool can be downloaded for free if the sellers’ wallets are included in the “clipper.”
Since MoistStealer collects auto-fill data stored in popular browsers like Mozilla or Chrome, cybercriminals can exploit its functionality to collect login data: usernames, passwords, e-mail addresses, credit card details, telephone numbers, etc. This threatening program can also be used to collect FileZilla and Discord data, including users’ credentials. Furthermore, MoistStealer can extract confidential user data by taking screenshots on infected computers. The extracted data is sent to a Telegram bot that acts as a Command and Control server.
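Because the collected data leaves the machine through a Telegram bot, outbound Bot API traffic from unexpected processes is a useful hunting signal. The following is an added example, not code from the original page: the log format, host and process names, the allowlist and the sample events are all constructed assumptions, not indicators of MoistStealer itself.

```python
import re
from urllib.parse import urlsplit

# Telegram Bot API URL shape: https://api.telegram.org/bot<id>:<secret>/<method>
BOT_PATH = re.compile(r"^/bot(\d+):[\w-]+/(\w+)")
UPLOAD_METHODS = {"sendDocument", "sendPhoto", "sendMediaGroup"}
# Assumption: hypothetical approved automation allowed to call the Bot API.
ALLOWED_PROCESSES = {"monitoring-bot.exe"}

# Constructed sample events, format assumed: time host process verb target
SAMPLE_LOG = """\
2024-01-10T09:00:01Z WS-014 chrome.exe GET https://web.telegram.org/k/
2024-01-10T09:02:13Z SRV-002 monitoring-bot.exe POST https://api.telegram.org/bot1111111111:AAExampleOpsToken/sendMessage
2024-01-10T09:05:40Z WS-022 svchost32.exe POST https://api.telegram.org/bot1234567890:AAExampleConstructedToken/sendDocument
2024-01-10T09:05:44Z WS-022 svchost32.exe POST https://api.telegram.org/bot1234567890:AAExampleConstructedToken/sendPhoto
2024-01-10T09:07:02Z WS-031 updater.exe CONNECT api.telegram.org:443
"""


def parse_target(target):
    """Return (hostname, path) for full URLs and bare 'host:port' CONNECT targets."""
    parts = urlsplit(target if "://" in target else "//" + target)
    return (parts.hostname or "").lower(), parts.path


def find_bot_api_traffic(log_text):
    """Flag Bot API traffic from processes that are not on the allowlist."""
    findings = []
    for line in log_text.splitlines():
        fields = line.split()
        if len(fields) != 5:
            continue  # ignore malformed lines
        ts, host, process, _verb, target = fields
        dest, path = parse_target(target)
        if dest != "api.telegram.org" or process.lower() in ALLOWED_PROCESSES:
            continue
        m = BOT_PATH.match(path)
        api_method = m.group(2) if m else None  # None when only the host is visible
        findings.append({
            "time": ts, "host": host, "process": process,
            "bot_id": m.group(1) if m else None,  # numeric id only, secret part dropped
            "api_method": api_method,
            # File and image uploads match the data and screenshot exfiltration described.
            "severity": "high" if api_method in UPLOAD_METHODS else "medium",
        })
    return findings


if __name__ == "__main__":
    for finding in find_bot_api_traffic(SAMPLE_LOG):
        print(finding)
```

Full URLs are only visible with TLS inspection or endpoint telemetry; without them the check still flags the connection by destination host and process, at lower severity.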
MoistStealer can be spread through all the typical malware distribution methods, such as social engineering attacks, spam campaigns with corrupted e-mail attachments, software “cracks,” Trojans and many others. Info-stealers and clippers like this one are designed to remain silent on affected computers. Therefore, victims would not notice any particular symptoms of this infection. Yet, as MoistStealer can compromise various personal online accounts, it can cause significant material losses and privacy issues, up to and including identity theft. Victims can use an automatic malware removal program to detect and remove this threat from their PCs.