Recently, a new Golang-based information stealer malware, named ‘Titan Stealer’ is being promoted by threat actors in their Telegram channel. Initial details regarding the malware were discovered by cybersecurity researcher Will Thomas in November 2022 by using the IoT search engine Shodan.
Titan is advertised as a malware builder that enables users to alter the malware binary’s functionality and the type of data that will be extracted from a victim’s system.
The malware, when launched, initiates a technique called ‘process hollowing’ in order to disseminate the malicious payloads into the memory of a legitimate process called AppLaunch.exe, Microsoft’s .NET ClickOnce Launch Utility.
According to a recent report by Uptycs security, researchers Karthickkumar Kathiresan and Shilpesh Trivedi say, “the stealer is capable of stealing a variety of information from infected Windows machines, including credential data from browsers and crypto wallets, FTP client details, screenshots, system information, and grabbed files.”
Targets of The Info Stealer
The Titan Stealer has been targeting web browsers, including Google Chrome, Mozilla Firefox, Microsoft Edge, Yandex, Opera, Brave, Vivaldi, 7 Star Browser, Iridium Browser, and others. The crypto wallets singled out are Armory, Atomic, Bytecoin, Coinomi, Edge Wallet, Ethereum, Exodus, Guarda, Jaxx Liberty, and Zcash.
Content was cut in order to protect the source.Please visit the source for the rest of the article.Read the original article: