Security researchers say that the source code for an information stealing malware coded in the language Rust has been revealed in several hacking forums to use in cyber attacks. Researchers also stated that the malware was developed within just 6 hours with a detection rate of 22%.
The information stealer malware is believed to be used in targeting multiple operating systems although currently, researchers observed that, it is targeting only Windows Operating System. Security researchers of the cyber security firm Cyble have named the malware Luca Stealer.
According to Cyble, Luca Stealer has attempted to steal data from 30 Chromium-based web browsers to steal information related to credit cards, login credentials, and cookies. Luca Stealer has also been observed to target a range of “cold” cryptocurrency and “hot” wallet browser add-ons, Discord tokens, Ubisoft play, and more. Luca can be attached as external add-ons on the browser and steal data from several applications at the same time. Luca has been observed to capture screenshots to save them as .png files and send details to remote operators.
However, security researchers said that Luca has not evolved to use a clipper in order to modify clipboard contents to grab cryptocurrency transactions as of yet like other info-stealers. Luca has exfiltrated stolen data in the form of a ZIP archive via Discord webhooks or Telegram bots to the remote operators.
Security researchers said that the reason behind this info-stealer Luca’s release of its source code for free is still unknown. However, there’s a relief for Linux and Mac users as the info-stealer will not be able to compromise its operating system by using Rust programming language.
