Date: 2022-07-27

The world of malware is constantly evolving. It seems that every day a new virus emerges focused on stealing all the information you have on your PC. However, today’s case has drawn attention because it keeps changing. We are talking about Luca Stealer, whose main objective is to obtain personal data from your computer, as well as cryptocurrencies.

According to Cyble, a company dedicated to monitoring cybercrime in real time, the malware is capable of attacking multiple Chromium-based browsers and a range of other targets, from messaging apps like Discord and Telegram, to cryptocurrency wallets like MetaMask, iWallet, BinanceChain, and more, to gaming apps like Ubisoft Play. It has also recently added the ability to steal files from its victims.

At the moment, Luca Stealer has a detection level of 22%. Worst of all, its creator has made the code available to all interested parties on GitHub, so the capabilities, weaknesses and strengths of the malware are constantly evolving and are being adapted to the needs of its programmers.

The way Luca Stealer works is as follows: it first gets installed on the PC as an external extension of your preferred browser. From this point, it starts stealing data from other applications on the system, even taking screenshots and saving them in .png format to be used by remote operators. Those mainly affected are Windows users, because Rust, the malware’s programming language, is not yet as common on iOS and Linux. However, it seems that it is only a matter of time before it adapts.

To protect against Luca Stealer, Cyble recommends:

- Avoid downloading files from unreliable sources.

- Clear browsing history and reset passwords at regular intervals.

- Activate the automatic software update function on your computer, mobile and other connected devices.

- Use a reputable internet security and antivirus software suite on your connected devices, including PC, laptop and mobile.

- Refrain from opening untrusted links and email attachments without first verifying their authenticity.

- Educate employees to protect themselves from threats such as phishing or untrustworthy URLs.

- Block URLs that can be used to spread malware, e.g. Torrent/Warez.

- Monitor for beaconing at the network level to block data exfiltration by malware or threat actors (TAs).

- Enable a data loss prevention (DLP) solution on employee systems.

At the moment it seems that there is no clear solution against Luca Stealer, and considering that it is constantly evolving, it may be quite some time before this happens. All we can do is take the necessary measures.

Via: Cyble