
Babax Stealer

Posted: August 25, 2020

The Babax Stealer is a threatening infostealer that may still be under development. The first samples of the infostealer were uploaded to GitHub by users who were assumed to be the malware's developers. However, the project has been taken down, and there are no traces of the Babax Stealer elsewhere. This likely means that the authors have yet to finish the project or simply do not plan to propagate it. It is not uncommon to see malware created for educational purposes.

The small amount of information found on Babax Stealer's old GitHub page reveals that the implant specializes in harvesting information from Web browsers like Mozilla Firefox and Google Chrome. It is able to obtain cookies, passwords, autofill data, saved payment options and more. The collected information is not exfiltrated via HTTP or FTP transfer – instead, the Babax Stealer uses a designated Telegram bot to deliver the log files. The malware's data-collection functionality is very limited at the moment – it seems that the Babax Stealer can only obtain Web browser-related data.
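Defenders can hunt for the behaviour described above: a non-browser process that reads browser profile stores and then contacts Telegram. The following is an added example, not code from the Babax Stealer or from this article; the event format, file list, allowlist, time window and the assumption that bot traffic goes to api.telegram.org are illustrative.

```python
BROWSER_STORES = {
    "login data", "cookies", "web data",                  # Chrome profile files
    "logins.json", "key4.db", "cookies.sqlite", "formhistory.sqlite",  # Firefox
}
TELEGRAM_HOSTS = {"api.telegram.org"}  # assumption: bot driven via the public Bot API
# Name-only allowlist for brevity; production rules should also check path and signer.
ALLOWED_IMAGES = {"chrome.exe", "firefox.exe", "telegram.exe"}
WINDOW_SECONDS = 300  # assumed maximum gap between the read and the upload


def basename(path):
    """Lower-cased final component of a Windows or POSIX path."""
    return path.replace("/", "\\").rsplit("\\", 1)[-1].lower()


def find_suspects(events):
    """Return sorted (host, pid, image) for processes that read a browser
    credential store and then reached Telegram within WINDOW_SECONDS."""
    last_read, hits = {}, set()
    for ev in sorted(events, key=lambda e: e["ts"]):
        image = basename(ev["image"])
        if image in ALLOWED_IMAGES:
            continue
        key = (ev["host"], ev["pid"], image)
        if ev["type"] == "file_read" and basename(ev["target"]) in BROWSER_STORES:
            last_read[key] = ev["ts"]
        elif ev["type"] == "net_conn" and ev["target"].lower() in TELEGRAM_HOSTS:
            if key in last_read and ev["ts"] - last_read[key] <= WINDOW_SECONDS:
                hits.add(key)
    return sorted(hits)


def _ev(ts, pid, image, kind, target, host="ws01"):
    return {"ts": ts, "host": host, "pid": pid, "image": image, "type": kind, "target": target}


# Constructed telemetry, not captured from a real Babax sample.
CHROME = r"C:\Users\a\AppData\Local\Google\Chrome\User Data\Default"
SAMPLE_EVENTS = [
    _ev(10, 900, r"C:\Program Files\Google\Chrome\Application\chrome.exe", "file_read", CHROME + r"\Cookies"),
    _ev(100, 4120, r"C:\Users\a\AppData\Local\Temp\upd.exe", "file_read", CHROME + r"\Login Data"),
    _ev(130, 4120, r"C:\Users\a\AppData\Local\Temp\upd.exe", "net_conn", "api.telegram.org"),
    _ev(200, 5555, r"C:\Tools\backup.exe", "file_read", CHROME + r"\Web Data"),
    _ev(900, 5555, r"C:\Tools\backup.exe", "net_conn", "api.telegram.org"),
    _ev(950, 7000, r"C:\Apps\Telegram.exe", "net_conn", "api.telegram.org"),
]

if __name__ == "__main__":
    print(find_suspects(SAMPLE_EVENTS))
```

Only the constructed `upd.exe` process is flagged: the browser and the Telegram client are allowlisted, and `backup.exe` contacts Telegram long after its read, outside the window.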

The malware also had some anti-debugging functionality: it would stop its attack if it detected a virtual environment or a malware debugging tool on the compromised system. This makes it harder to detect and capture live samples of the Babax Stealer if the malware is spread online.

To ensure that your PC and information are protected from threats like this one, you need to secure your computer with the help of a trustworthy and updated anti-malware solution.
