A crypto stealer seems to have spread through a massive spam campaign across several countries, including the United States, Australia, Japan, and Germany. The malware dubbed “Panda Stealer” has been spotted by a cybersecurity company. It is reportedly also distributed on Discord channels.
Malware Can Also Steal Data From Telegram and Discord Apps
According to the report published by Trend Micro, the stealer is a variant of another malware named “Collector Stealer,” which utilizes the same algorithms to bypass most detection tools. The malware is contained within a malicious Excel file in a .xlsm format.
Once the victim executes a series of Powershell scripts in the infected document, Panda Stealer deploys its malicious processes. It collects sensitive crypto-related data, including private keys and records of past transactions performed with wallets from virtual currencies like dash (DASH), litecoin (LTC), ethereum (ETH).