Shuyal Stealer Malware Targets 17+ Browsers for Credentials
A new malware strain named Shuyal Stealer has been identified, designed to steal login credentials from over 17 different web browsers. Beyond credential theft, the infostealer performs deep system profiling, captures screenshots, records clipboard contents, and extracts Discord authentication tokens. To remain hidden, Shuyal Stealer disables the Windows Task Manager and ensures its persistence by copying itself into the Startup folder. The stolen data is compressed and exfiltrated to attackers using a hardcoded Telegram bot for stealthy communication. After successfully sending the data, the malware executes a self-deletion routine to erase its tracks and complicate forensic analysis.
Latest mentioned: 10-08
Earliest mentioned: 10-08
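A defender can hunt for this combination of behaviours by correlating endpoint telemetry per executable; the sketch below is an added example, not code from the malware or from the original report. The event schema, the sample paths and events, the use of the `DisableTaskMgr` policy value as the Task Manager signal, and attributing a delete to the deleted file are assumptions, since the summary does not say how those steps are implemented.

```python
from collections import defaultdict

# Assumptions (not stated on the page): the event schema, and that Task Manager
# is disabled through the DisableTaskMgr policy value, the usual mechanism.
STARTUP = "\\start menu\\programs\\startup\\"
TASKMGR = "\\policies\\system\\disabletaskmgr"
TELEGRAM = "api.telegram.org"  # Telegram Bot API host

def classify(ev):
    """Map one event to a behaviour from the summary, or None."""
    kind, target = ev["type"], ev["target"].lower()
    if kind == "file_create" and STARTUP in target:
        return "startup_persistence"
    if kind == "reg_set" and target.endswith(TASKMGR) and ev.get("value") == 1:
        return "taskmgr_disabled"
    if kind == "net_connect" and target == TELEGRAM:
        return "telegram_exfil"
    return "self_delete" if kind == "file_delete" else None

def correlate(events, window=600, threshold=3):
    """Return {image: behaviours} for images with >= threshold distinct
    behaviours whose first sightings fall within `window` seconds."""
    hits = defaultdict(dict)  # image -> behaviour -> first timestamp
    for ev in sorted(events, key=lambda e: e["ts"]):
        name = classify(ev)
        if name is None:
            continue
        # A delete is attributed to the deleted file, and only counts when that
        # file is an image that already showed another behaviour.
        image = (ev["target"] if name == "self_delete" else ev["image"]).lower()
        if name == "self_delete" and image not in hits:
            continue
        hits[image].setdefault(name, ev["ts"])
    flagged = {}
    for image, seen in hits.items():
        if len(seen) >= threshold and max(seen.values()) - min(seen.values()) <= window:
            flagged[image] = sorted(seen)
    return flagged

SAMPLE = r"C:\Users\a\Downloads\invoice.exe"  # constructed path
ROAMING = r"C:\Users\a\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup"
EVENTS = [  # constructed telemetry, not from a real incident
    {"ts": 0, "image": SAMPLE, "type": "reg_set", "value": 1, "target":
     r"HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\System\DisableTaskMgr"},
    {"ts": 5, "image": SAMPLE, "type": "file_create", "target": ROAMING + r"\invoice.exe"},
    {"ts": 40, "image": SAMPLE, "type": "net_connect", "target": TELEGRAM},
    {"ts": 45, "image": r"C:\Windows\System32\cmd.exe", "type": "file_delete", "target": SAMPLE},
    {"ts": 9, "image": r"C:\Program Files\App\setup.exe", "type": "file_create",
     "target": ROAMING + r"\app.lnk"},
]
```

Requiring three distinct behaviours from one image keeps a lone Startup-folder write, such as the constructed installer event, from raising an alert.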