Serpent malware: steals passwords from browsers and then erases its traces

Researchers at K7 Labs have identified a new and fearsome stealer, baptized with the not very reassuring name of Serpent.

This malware, active in the Windows environment, manages to get around a good part of this OS's defenses, bypassing User Account Control (UAC) and debugger systems. The targets of the malware are predominantly the data stored in browsers, with a particular predilection for passwords. Once that information is stolen, it is exfiltrated through webhooks, abusing Discord.

Serpent is advertised on social networks and clandestine forums, with the developers boasting 24-hour support and other advanced features of the malicious agent. Just like a snake, this malware "crawls" unnoticed through your Google Chrome autofill data, extracting its contents for potential identity theft and more.

Serpent, the elusive stealer, does more than just steal browser data

Once the information is obtained, the malware uses Discord webhooks to send it to the command and control server, managed by the attacker. As already mentioned, browsers are the main target of the malware, but not the only one.
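A defender-side check for the exfiltration channel described above, added here as an example and not taken from the K7 Labs research: it scans proxy-style log lines for POSTs to Discord webhook URLs made by processes other than the Discord client. The log format, hostnames, process paths and allowlist are constructed assumptions.

```python
import re
from collections import defaultdict
from urllib.parse import urlsplit

# Hosts that serve the Discord API (current, legacy and test-channel names).
DISCORD_HOSTS = {"discord.com", "discordapp.com", "ptb.discord.com", "canary.discord.com"}
# /api/webhooks/<numeric id>/<token>, optionally versioned as /api/v10/...
WEBHOOK_PATH = re.compile(r"^/api(?:/v\d+)?/webhooks/(\d+)/[\w-]+")
# Assumption: only the Discord client is expected to call the API. Matching on
# the image name alone is a simplification; a real rule should also check the
# install path or code signature, since a file name is trivial to imitate.
ALLOWED_PROCESSES = {"discord.exe"}

# Constructed sample log: host|process image|method|URL|bytes sent
SAMPLE_LOG = r"""
WS-014|C:\Users\a\AppData\Local\Discord\app-1.0\Discord.exe|POST|https://discord.com/api/v10/webhooks/111111111111111111/EXAMPLE-token-A|412
WS-022|C:\Users\b\AppData\Local\Temp\update.exe|POST|https://discord.com/api/webhooks/222222222222222222/EXAMPLE-token-B|48211
WS-022|C:\Users\b\AppData\Local\Temp\update.exe|POST|https://discordapp.com/api/webhooks/222222222222222222/EXAMPLE-token-B|1903377
WS-031|C:\Program Files\Google\Chrome\Application\chrome.exe|GET|https://discord.com/channels/@me|0
WS-040|C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe|POST|https://example.org/api/webhooks/333/not-discord|120
"""

def find_webhook_uploads(log_text):
    """Return {(host, process, webhook_id): total_bytes} for unexpected senders."""
    hits = defaultdict(int)
    for line in log_text.strip().splitlines():
        host, image, method, url, sent = line.split("|")
        parts = urlsplit(url)
        match = WEBHOOK_PATH.match(parts.path)
        if (parts.hostname or "").lower() not in DISCORD_HOSTS or not match:
            continue  # not a Discord webhook endpoint
        process = image.rsplit("\\", 1)[-1].lower()
        if method != "POST" or process in ALLOWED_PROCESSES:
            continue  # webhook messages are delivered with POST
        # Key on the webhook id only, so the secret token never lands in an alert.
        hits[(host, process, match.group(1))] += int(sent)
    return dict(hits)

if __name__ == "__main__":
    for (host, process, hook), total in sorted(find_webhook_uploads(SAMPLE_LOG).items()):
        print(f"{host}: {process} sent {total} bytes to Discord webhook {hook}")
```

Summing bytes per host, process and webhook id makes a bulk upload stand out from the small payloads of ordinary notification bots.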

According to data collected by K7 Labs, Serpent does not disdain crypto wallets and gaming platforms, always trying to steal the victims' credentials.

Another peculiarity of the stealer is its impressive evasive ability, which leverages an advanced mechanism to bypass UAC, evading the protections of Windows User Account Control. By obtaining elevated privileges in this way, it makes many of the operating system's precautions completely ineffective.

To avoid real disasters, an excellent preventive measure is adopting a high-quality password manager. A good, constantly updated antivirus is another solution capable of blocking threats like Serpent before they begin to steal data on your computer.

A cautious approach towards suspicious attachments and executables coming from unreliable sources is certainly another way to contain stealers and other malware.
