According to recent reports from cybersecurity researchers, the Mystic Stealer malware is seeing a surge in popularity on hacker forums and darknet marketplaces.
It is used to steal information and cryptocurrencies and targets 40 browsers, 21 cryptocurrency apps, 55 specialized browser extensions, 9 multi-factor authentication and password management applications, Steam and Telegram credentials.
The malware operates on all Windows versions and remains undetected, encrypting communications and directly sending stolen files to the command and control server.
It also collects information about the system and hardware and follows further instructions from its creators who rent it out for a monthly fee of $150, although they have made an exception for CIS countries.
This suggests the origin of the malware. There is a Telegram channel dedicated to its development, where news and feature requests are discussed, among other topics.
