Password Stealing BlackGuard Malware Sold In Russian Hacking Forum Targets A Ton Of Apps
![blackguard stealer grabs data from chrome and cryptowallets](https://images.hothardware.com/contentimages/newsitem/58152/content/blackguard-stealer-grabs-data-from-chrome-and-cryptowallets.jpg)
Researchers on the Zscaler ThreatLabz team were browsing hacking forums as part of their research when they came across the rising BlackGuard stealer. The popular, yet relatively new, software warranted investigation, and what was found is quite impressive. The researchers explain that BlackGuard first looks for and kills processes related to antivirus and sandboxing, which could partially prevent researchers from investigating the malware. After this, the malware checks whether it is running on a computer in the Commonwealth of Independent States, including countries like Russia and Ukraine. If that is not the case, the malware collects information from hardcoded installation paths of browsers like Chrome and Firefox, crypto-wallets and crypto-wallet extensions, email clients, and other applications like Discord.
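A defender-side illustration of the collection behaviour described above, added here and not taken from Zscaler's report or this article: it flags any process that reads credential stores belonging to several applications it does not own. The `pid|image|path` event format, the owner list and the threshold are assumptions, and the sample events are constructed.

```python
import re
from collections import defaultdict

# Well-known per-user credential/session stores, grouped by application.
STORES = {
    "chrome": re.compile(r"\\Google\\Chrome\\User Data\\[^\\]+\\Login Data$", re.I),
    "firefox": re.compile(r"\\Mozilla\\Firefox\\Profiles\\[^\\]+\\(logins\.json|key4\.db)$", re.I),
    "discord": re.compile(r"\\discord\\Local Storage\\leveldb\\", re.I),
    "browser_extension": re.compile(r"\\Local Extension Settings\\[a-p]{32}\\", re.I),
}
# Processes expected to read each store. Matching on the image basename alone
# is spoofable; a production rule should also check signer and install path.
OWNERS = {"chrome": {"chrome.exe"}, "firefox": {"firefox.exe"},
          "discord": {"discord.exe"}, "browser_extension": {"chrome.exe"}}

def classify(path):
    """Return the application whose credential store this path belongs to, or None."""
    for app, pattern in STORES.items():
        if pattern.search(path):
            return app
    return None

def find_stealer_like(events, threshold=2):
    """Map (pid, image) to the sorted list of foreign stores it read, for every
    process that read stores of at least `threshold` applications it does not own."""
    hits = defaultdict(set)
    for line in events:
        pid, image, path = line.split("|", 2)
        app = classify(path)
        exe = image.rsplit("\\", 1)[-1].lower()
        if app and exe not in OWNERS[app]:
            hits[(int(pid), image)].add(app)
    return {proc: sorted(apps) for proc, apps in hits.items() if len(apps) >= threshold}

# Constructed file-read telemetry (hypothetical user, processes and extension ID).
U = r"C:\Users\alice\AppData"
TMP = U + r"\Local\Temp\update.exe"
SAMPLE_EVENTS = [
    r"4120|C:\Program Files\Google\Chrome\Application\chrome.exe|" + U + r"\Local\Google\Chrome\User Data\Default\Login Data",
    "5312|" + TMP + "|" + U + r"\Local\Google\Chrome\User Data\Default\Login Data",
    "5312|" + TMP + "|" + U + r"\Roaming\Mozilla\Firefox\Profiles\ab12cd34.default\logins.json",
    "5312|" + TMP + "|" + U + r"\Roaming\discord\Local Storage\leveldb\000005.ldb",
    "5312|" + TMP + "|" + U + r"\Local\Google\Chrome\User Data\Default\Local Extension Settings\abcdefghijklmnopabcdefghijklmnop\000003.log",
    r"6001|C:\Tools\backup.exe|" + U + r"\Roaming\Mozilla\Firefox\Profiles\ab12cd34.default\key4.db",
]

if __name__ == "__main__":
    for (pid, image), apps in find_stealer_like(SAMPLE_EVENTS).items():
        print(f"pid {pid} {image} read foreign stores: {', '.join(apps)}")
```

Chrome reading its own `Login Data` and a single-store reader such as the backup tool stay below the threshold; only the process sweeping across unrelated applications is reported.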
![bg dashboard blackguard stealer grabs data from chrome and cryptowallets](https://images.hothardware.com/contentimages/newsitem/58152/content/bg-dashboard-blackguard-stealer-grabs-data-from-chrome-and-cryptowallets.jpg)
Despite these capabilities, the Zscaler team reports that BlackGuard is not as broad as other stealers, but it has grown as a threat because “it continues to be improved and is developing a strong reputation in the underground community.” However, administrators and security teams can combat the risks by implementing good password hygiene and multi-factor authentication, and by instructing users not to visit or open unknown sites or files.
![bg forum blackguard stealer grabs data from chrome and cryptowallets](https://images.hothardware.com/contentimages/newsitem/58152/content/bg-forum-blackguard-stealer-grabs-data-from-chrome-and-cryptowallets.jpg)
In any event, the rise in malware-as-a-service and the ease with which a threat actor can target people is quite concerning. However, there are some recognized weaknesses in BlackGuard which will hopefully help defenders and antivirus programs detect and nuke the malware before it becomes a larger problem.