Stealerium Malware's Creepy New Trick Is To Snap Webcam Pics Of Victims Watching Adult Content
The security research team noted that Stealerium was first discovered on their records in 2023. However, its existence has been traced to 2022 when it was observed as a free, open-source code on GitHub. There has been a rapid increase in the use of Stealerium in the past few months as the malware boasts various capabilities that would easily interest a threat actor.
Its most formidable weaponry lies in its ability to take screenshots of sensitive information and utilize a PC's webcam to intrude into the victim's privacy. With that, it auto-detects if a victim has opened an adult content site on their browser. Once it detects such a tab, it takes screenshots of the content victims are watching and their faces via webcam.
In addition, it is also capable of stealing passwords and usernames from victims' browsers. Several instances have been recorded where bad actors deployed it to steal crypto wallet credentials. Its stealth capabilities, which leverage PowerShell, are designed to help it evade detection by antivirus programs.
It is worth noting that researchers have discovered that hackers add more malicious code to improve the functionalities of the open-source malware and derive even more sophisticated versions of the free malware.
Proofpoint has warned that "organizations should monitor for activity involving 'netsh wlan', suspicious use of PowerShell defender exclusions, and headless Chrome execution, which are consistent with post-infection behaviors." The security firm has also published a list of indicators that can prove that your device has been compromised.
