New SantaStealer malware steals data

New SantaStealer malware steals data from browsers, crypto wallets www.bleepingcomputer.com/news/secu…

A new malware-as-a-service (MaaS) information stealer named SantaStealer is being advertised on Telegram and hacker forums as operating in memory to avoid file-based detection.

According to security researchers at Rapid7, the operation is a rebranding of a project called BluelineStealer, and the developer is ramping up the operation ahead of a planned launch before the end of the year.

SantaStealer appears to be the project of a Russian-speaking developer and is promoted with two subscription tiers: Basic at $175/month and Premium at $300/month.

Rapid7 analyzed several SantaStealer samples and obtained access to the affiliate web panel, which revealed that the malware comes with multiple data-theft mechanisms but does not live up to its advertised ability to evade detection and analysis.

Edward Kiledjian @ekiledjian