Cybercriminals Increase Stakes with Updated Meduza Stealer

Resecurity's Hunter division has observed the release of a new version (2.2) of Meduza Stealer on the dark web. This update adds support for a larger number of client programs, an improved module for stealing credit card data, and more advanced mechanisms for extracting account data and tokens on various platforms.

Meduza Stealer is emerging as a serious competitor to malware such as Azorult, Redline, Raccoon, and Vidar Stealer. Cybercriminals use these programs for account takeover, theft of online banking data, and financial fraud.

The authors of Meduza Stealer announced the new version in various underground communities and Telegram groups, highlighting significant improvements to the interface, modal windows during loading, and an expanded set of data collection targets.

Meduza Stealer initially appeared on the XSS forum on the dark web and received positive reviews in other communities, including Exploit. The program is currently compatible with Windows Server 2012/2016/2019/2022 and Windows 10/11, and reportedly performs successfully on all of these platforms.

Meduza Stealer can steal data from numerous popular programs. Supported targets include 106 browsers, 107 cryptocurrency wallets, Telegram IM, Steam, Discord, 27 password managers, OpenVPN, Outlook (mail client), and Google tokens, along with file theft through the Filegrabber module. The list of supported programs goes on.

/Reports, release notes, official announcements.