Taurus Stealer
The Taurus Stealer is a newly discovered piece of malware that is believed to be the creation of the same cybercriminals responsible for developing and using the 'Predator the Thief' malware. Their new project is being sold on hacking forums for as low as $100, and it enables any cybercriminal with a bit of money to make use of a brand new infostealer with rich features. Lately, the campaigns used to spread the Taurus Stealer have become more common, and the 'Google Pay' Email Virus is the latest example of a fraudulent email being used to propagate malware.
Currently, the Taurus Stealer appears to contain a blacklist of countries that it does not work in. Most of the regions that it avoids are or were a part of the Commonwealth of Independent States (CIS) region – Armenia, Moldova, Uzbekistan, Ukraine, Tajikistan, Kazakhstan, Georgia, Belarus and others. This is a typical strategy that CIS malware developers use to make sure that their malware will not be used against what they consider to be friendly users.
Malware-as-a-Service Model may Increase the Taurus Stealer Activity
According to advertisements promoting the Taurus Stealer, this threat is able to extract the following information from compromised systems:
- Saved data from Chromium-based (Google Chrome) and Gecko-based browsers (Mozilla Firefox) – cookies, browsing history, saved passwords, autofill details and more.
- Cookies and passwords from Microsoft Edge and older versions of Internet Explorer.
- Files and data used by popular cryptocurrency wallet software like Electrum, Jaxx, Bytecoin, Exodus, Atomic and others.
- Credentials and files used by FTP clients like FileZilla.
- Session files used by popular desktop applications like Discord, Steam and Telegram.
- Credentials used for Pidgin, Foxmail and Microsoft Outlook.
- Skype chat history.
- NordVPN authorization credentials.
Clearly, the Taurus Stealer is a high-profile threat capable of causing a lot of trouble if it does not get removed on time. The best way to never fall victim to the Taurus Stealer is to invest in a regularly updated and reliable anti-malware software suite.
Leave a Reply
Please note that we are not able to assist with billing and support issues regarding SpyHunter or other products. If you're having issues with SpyHunter, please get in touch with SpyHunter customer support through your SpyHunter . If you have SpyHunter billing questions, we recommend you check the Billing FAQ. For general suggestions or feedback, contact us.