SECURITY

Latest Crypto Theft Software "Mystic Stealer" Emerges, Targets Browsers, MetaMask, and Binance

share
Latest Crypto Theft Software "Mystic Stealer" Emerges, Targets Browsers, MetaMask, and Binance

SlowMist, a cybersecurity company, tweeted that the latest cryptocurrency theft software "Mystic Stealer" has emerged. It targets 40 different browsers, 70 browser extensions, and cryptocurrency wallets, including popular ones like MetaMask, Coinbase Wallet, Binance, Rabby Wallet, OKX Wallet, OneKey, and more.

Data Theft

Cybersecurity firm InQuest has conducted an in-depth analysis of "Mystic Stealer."

Mystic Stealer is capable of stealing large amounts of data, collecting computer information such as system host, username, and computer unique identifier (GUID), and may identify a user's geographical location through region and keyboard settings.

Additionally, it can gather information related to cryptocurrency wallets through the browser's "autofill," "history," and "cookies," including credentials for Telegram and Steam.

Mystic Stealer first appeared in late April 2023, when the eponymous seller released it on forums such as WWH WWH-Club, BHF Best Hack Forums, and XSS, renting it out for $150 per month.

Mystic Stealer Target List

Target Browsers

All major browsers are within the target range, including numerous obscure ones, with the exception of Apple's Safari:

  • Opera

  • Comodo

  • 360Browser

  • Mozilla icecat

  • Brave-Browser

  • Mozilla Firefox

  • Microsoft Edge

  • Google Chrome

  • YandexBrowser

Browser List

Multi-Factor Authenticators, Extension Software

  • OneKey

  • Phantom

  • TronLink

  • MetaMask

  • Authy 2FA

  • OKX Wallet

  • Math Wallet

  • Terra Station

  • BinanceChain

  • Coin98 Wallet

  • Coinbase Wallet

  • GAuth Authenticator

  • Trezor Password Manager

Cryptocurrency Applications and Wallets

  • MyMonero

  • Exodus

  • Binance

  • Raven

  • Armory

  • Dogecoin

  • MultiBit

  • Bitcoin

  • DashCore

  • Electrum

  • Litecoin

  • BitcoinGold

  • WalletWasabi

  • Atomic

  • Guarda

  • Electrum-LTC

  • MyCrypto

  • Bisq

  • DeFi Blockchain

  • Coinomi

  • TokenPocket

InQuest warns that as a newly emerged malicious software, it is currently difficult to predict its behavioral trajectory. However, one thing is certain—Mystic Stealer poses a complex cybersecurity threat that could lead to widespread security crises.