Serpent Stealer Acquire Browser Passwords and Erases Intrusion Logs
Beneath the surface of the cyber realm, a silent menace emerges—crafted with the precision of the .NET framework, the Serpent Stealer slithers undetected through security measures, leaving traces of its intrusion.
Researchers at K7 Labs have analyzed the malware called “serpent.” This malware can bypass several security measures implemented in Windows, such as User Access Control (UAC), debuggers, and virtual machines.
It can also steal sensitive data, including browser data and passwords, and exfiltrate it using Webhooks and Discord abuse.
This information is significant for individuals and organizations looking to protect their systems from potential cyber threats.
Dive into the realm of a 64-bit portable executable, discreetly infiltrating systems with unparalleled stealth.
Serpent Stealer is on sale
Serpent Stealer is a stealer that has 24/7 support, FUD, very hard to decompile, steals cookies, FTP logins, SSH keys, passwords, system info and much more.
[
](https://twitter.com/hashtag/DarkWeb?src=hash&ref_src=twsrc%5Etfw)
[
pic.twitter.com/iNcvm89b9u
— Daily Dark Web (@DailyDarkWeb)
[
October 16, 2023
](https://twitter.com/DailyDarkWeb/status/1713963018646593714?ref_src=twsrc%5Etfw)
Witness the Serpent Stealer’s insidious data harvesting prowess.
Like a digital plunderer, it raids Google Chrome’s autofill data, extracting personal details for potential identity theft.
Delving further, it uncovers the user’s online history, a treasure trove revealing vulnerabilities and patterns ripe for exploitation.
The Webhook Courier of Stolen Secrets
Embark on a journey through the Serpent Stealer’s clandestine transmission route.
Utilizing Discord webhooks, this digital courier discreetly ferries stolen data to the attacker’s command-and-control server, ensuring a seamless exchange of pilfered secrets, reads the report.
Explore the Serpent Stealer’s insatiable appetite for passwords.
Beyond browsers, it infiltrates crypto wallets and gaming platforms, seeking to unearth login credentials that unlock doors to valuable assets, perpetuating its unrelenting data heist.
UAC Ballet
Uncover the sophisticated dance of evasion orchestrated by the Serpent Stealer. With a UAC bypass mechanism, it sidesteps Windows’ User Account Control safeguards, operating with elevated privileges and rendering security barriers powerless in its quest for sensitive data.
Peer into the Serpent Stealer’s utilization of Fodhelper.exe, a legitimate Windows component.
Exploiting this trusted tool, the malware executes commands with administrative privileges, effectively disabling security barriers and perpetuating its stealthy presence.
IOCs
Hash
Detection name
e97868c8431ccd922dea3dfb50f7e0b5
Password-Stealer (005ac0721 )
a3c4785a011c350839669b8e73c823f5
Password-Stealer (005ac0721 )
The post Serpent Stealer Acquire Browser Passwords and Erases Intrusion Logs appeared first on GBHackers on Security | #1 Globally Trusted Cyber Security News Platform.
posted by pod_feeder
There are no comments yet.