Summary
- Zscaler discovered a new information stealer called Statc Stealer.
- Statc Stealer is a sophisticated malware targeting Windows devices to steal sensitive information.
- The malware disguises itself as authentic Google ads (and .mp4 file) to infect systems.
- Stealing capabilities include data from web browsers, crypto wallets, credentials, and messaging apps including Telegram.
- Statc Stealer uses C++ code, evasion techniques, and encryption to hide its actions.
- The attack chain involves malvertising, dropper, downloader files, and PowerShell scripts.
- Stolen data is encrypted and sent to a command-and-control (C&C) server.
- Popular Windows browsers like Chrome, Edge, Brave, and others are targeted.
Let this be yet another reminder that you should always browse with some kind of AdBlock enabled.
No block, go watch ad!
Google probably while DRMing the web.