Cybersecurity researchers at Cyble have recently uncovered a new malware strain attacking Windows users that is capable of stealing sensitive data from infected devices.
The malware is called Exela, and is reportedly using Discord to deliver the stolen information to its operators. The data it’s looking to steal includes login credentials, personal data, and financial information, as well as session details from different online apps, social media services, and gaming platforms.
While the researchers first spotted Exela in mid-September 2023, analysis has shown that it was developed in May. Since then, it has grown and acquired new features, as well as its own Telegram channel.
Chrome users at risk
Exela will look to steal data from all of the major browsers on the market today, including Chrome, Edge, Brave, Opera, and Vivaldi. Furthermore, it will steal credit card information, session cookies, and other data, as well as take screenshots.
As for social media sessions, it can grab those from Instagram, Twitter, TikTok, and Reddit. And when it comes to gaming, users of the giant retail platform Steam and players of the popular Roblox are most vulnerable, it seems.
Other details about the malware are not known at present, so we don’t know who its developers are, or who they’re trying to target exactly, although so far it's gamers and software developers who appear to be in its sights.
We also don’t know how the malware is being delivered to victims, nor how successful it is. Apparently, it’s being dropped via phishing pages and websites promoting free software.
If you are worried about being infected, the best way to ensure security is to download software only from verified sources. Getting links via social media channels, email, or similar, is always a red flag.
Furthermore, having antivirus software and a firewall installed helps. Finally, many infostealers grab information stored in the browser, so it might not be a bad idea to store sensitive information in one of the best password manager solutions instead.
Via Tom's Guide