Stealit Malware Strikes Again: Fake Game & VPN Installers Turn Mediafire and Discord into Cybercrime Havens
Stealit malware is sneaking into systems via fake game and VPN installers shared on Mediafire and Discord. This sneaky malware even pretends to be a legit site, iloveanimals.shop, offering “professional data extraction solutions.” So, if your computer starts acting like a secret agent, it might be time to investigate!
Hot Take:
When malware creators start moonlighting as “professional data extraction solution” providers, you know the cybercriminal job market is booming. In the world of Stealit malware, even the most dangerous threats have subscription plans, proving once again that crime really does pay—sometimes in monthly installments.
Key Points:
- Stealit malware is spreading through fake game and VPN installers on Mediafire and Discord.
- It leverages Node.js SEA and sometimes Electron to execute without needing Node.js installed.
- The malware’s command-and-control site masquerades as a commercial entity offering “data extraction solutions.”
- Fortinet researchers discovered this campaign amidst a surge of Visual Basic script detections.
- Stealit offers a slew of malicious features, including screen and webcam monitoring, file theft, and ransomware delivery.
Already a member? Log in here