Oski Stealer
Oski Stealer is a new information stealer whose authors have opted to sell it on underground hacking forums. It appears that the threatening program is being advertised on several Russian forum boards, so it is safe to assume that its authors are of Russian origin. However, advertisements for Oski Stealer were found on some international hacking forums too, so Russian cybercriminals are not the only ones who will make use of the Oski Stealer's features certainly.
Talking of features, this information stealer is able to extract a wide range of data from the computers it compromises. According to its authors, the Oski Stealer is capable of:
- Collecting data used by Firefox and Chromium-based Web browsers like Vivaldi, Firefox, Google Chrome, Cyberfox, Blackhawk, Yandex and others.
- Extracting files of popular cryptocurrency wallets like Dash, Litecoin, Zcash, Electrum, Ethereum and others.
- Extracting stored login credentials from the SQLite databases of Web browsers, as well as from the Windows Registry.
The Oski Stealer Targets Multiple Windows Versions and CPU Architectures
The attackers claim that the Oski Stealer is able to work on both x86 and x64 versions of Windows 7, 8, and 10, therefore ensuring that the threatening program will be compatible with the devices of its potential victims. All data that the Oski Stealer snatches is then exfiltrated to a Command & Control server operated by the threat's authors.
Cybersecurity experts managed to access the logs of the attacker's server, and they discovered that the Oski Stealer had managed to collect over 50,000 passwords from its victim – 97% of the collected login credentials were associated with Google accounts approximately.
Since the Oski Stealer can be used by anyone who opts to pay its authors, it is safe to assume that it may be spread via all sorts of techniques – phishing emails, fake downloads, pirated media and software, fake software updates, etc. To ensure that your computer is protected from information collectors like this one, you should invest in a reputable and regularly updated anti-virus product.
Leave a Reply
Please note that we are not able to assist with billing and support issues regarding SpyHunter or other products. If you're having issues with SpyHunter, please get in touch with SpyHunter customer support through your SpyHunter . If you have SpyHunter billing questions, we recommend you check the Billing FAQ. For general suggestions or feedback, contact us.