The Fox Stealer is spyware and a variant of Fareit, a threat that specializes in collecting FTP services' login credentials. Since the Fox Stealer passes passwords and other information over to threat actors without your consent, victims should disable their network connections immediately and incorporate re-securing their accounts into any disinfection strategies. Traditional anti-malware products should have no issues with deleting a Fox Stealer installation or, ideally, preventing it.
Ponies Getting a Little Foxy
A 2016 update to Fareit, AKA Pony spyware, is getting a fresh deployment in 2019. This campaign may surprise those who remember the arrest of the criminals who were selling the first version of the update, Fox Stealer or Ponyforx, by Russian authorities. The new campaign that malware researchers are confirming in this year includes exploit kit-based installation attacks and additional, not-yet-analyzed features for its payload.
While not all of the Fox Stealer's improvements are available for perusal, nor are the threat actors selling its source code, it keeps all of the old features of Fareit. Accordingly, it's a C++, Windows threat that collects passwords and usernames, especially for FTP clients. Its list of FTP targets includes FileZilla, CoreFTP, FTPShell, CuteFTP, and dozens of others. It can decrypt any encryption-protected credentials, as well, although it offloads this feature to a remote server after transferring the encrypted information.
Going on a Fox Hunt to Stop a Password Robbery
Fox Stealer infections show no symptoms of any visual significance to the victims, whose only clues to the attacks arrive after threat actors begin misusing the stolen login data. Users should disable network connectivity for halting any more theft and change all passwords as soon as possible. Anti-malware technology may remove a Fox Stealer safely but can't re-secure any of your stolen information.
The Fox Stealer's being available in the current year is big news for threat actors wanting to collect information without coding the spyware that does the hard work. Even though its basis of the code is more than a little old, its bite should be as sharp as that of any predator's.
Use SpyHunter to Detect and Remove PC Threats
If you are concerned that malware or PC threats similar to Fox Stealer may have infected your computer, we recommend you start an in-depth system scan with SpyHunter. SpyHunter is an advanced malware protection and remediation application that offers subscribers a comprehensive method for protecting PCs from malware, in addition to providing one-on-one technical support service.
Why can't I open any program including SpyHunter? You may have a malware file running in memory that kills any programs that you try to launch on your PC. Tip: Download SpyHunter from a clean computer, copy it to a USB thumb drive, DVD or CD, then install it on the infected PC and run SpyHunter's malware scanner.