Cybersecurity researchers have found a new Windows-based information thief dubbed Meduza Stealer that is actively being updated by its author to resist detection by software solutions, which is yet another indication of a lucrative crimeware-as-a-service (CaaS) ecosystem. In a recent report, Uptycs stated that “The Meduza Stealer has a singular objective: comprehensive data theft.” It steals browsing activity from users and extracts a variety of browser-related data.
No digital artefact is safe, from crucial login information to the priceless record of surfing history and beautifully curated bookmarks. Even password managers, 2FA extensions, and crypto wallet extensions are susceptible. Additionally, it is programmed to fail if a victim’s location is one of the Commonwealth of Independent States (CIS) or Turkmenistan on the stealer’s specified list of prohibited nations.