The malicious software is capable of stealing a wide range of sensitive information.
The Styx Stealer malware is a new threat that Check Point Research’s cybersecurity experts have discovered that targets cryptocurrency users.
By utilizing a method called clipping, the malicious software can steal a variety of sensitive data, including cryptocurrency.
By using this technique, the malware can spoof and change the wallet address of the recipient during transactions, transferring money to the attacker’s account.
Styx Stealer Offered on Rental Basis
The developer’s website is where Styx Stealer can be rented; a lifetime license costs $350, while a $75 monthly fee applies.
The malware was first discovered in April and has since been linked to multiple attacks.
Notably, it is derived from an older malware variant known as Phemedrone Stealer, but with enhanced features including new detection evasion tactics and the addition of a crypto clipper function.
The developer encountered an unexpected data leak while debugging, which led to the unexpected discovery of the malware.
The incident allowed researchers to trace the origins of Styx Stealer and uncover critical information about its operations.
Within two months of the malware’s release, the Turkish developer was found to have received around $9,500 in cryptocurrency payments.
Eight cryptocurrency wallets connected to the developer were the source of these payments.
The main vulnerability that Styx Stealer takes advantage of was fixed in Microsoft Windows Defender last year.
As a result, Windows users with up-to-date systems are not at risk.
However, those who have not updated their systems remain vulnerable to this malware.
On August 16, the Styx Stealer website, styxcrypter.com, was changed to highlight a different product instead of the original comprehensive pricing and product details.
Telegram allowed users to make purchases with a variety of cryptocurrencies, such as Tether and Bitcoin.
The developer’s phone numbers, email addresses, and Telegram accounts have all been located by Check Point Research, offering vital leads for additional research.
Overall Illicit Crypto Transactions Drop in 2024
According to a recent Chainalysis analysis, there will be fewer illegal bitcoin transactions overall in 2024, despite a rise in some specific categories of criminal activity.
Hacking and ransomware attacks are becoming more common, according to a report released on August 15 as part of the mid-year crypto crime update.
Two categories, in particular – stolen funds through hacking and ransomware attacks – have seen an uptick.
In 2024, the resurgence of hacking is especially concerning. Chainalysis noted a substantial increase in the value of stolen assets.
The total value of cryptocurrency theft by the end of July was $1.58 billion, an 84% rise over the same period in 2023.
The average amount stolen each hack increased significantly, despite the fact that the number of hacking incidents only slightly increased (2.8%) over the previous year.
In July alone, hackers stole approximately $266 million through 16 separate breaches, dealing the crypto sector substantial losses.
The attack on the Indian cryptocurrency exchange WazirX on July 18 is noteworthy. This attack alone accounted for over $230 million, or 86.4%, of the month’s total losses.