Red Hot Cyber, The cybersecurity news

Red Hot Cyber

Cybersecurity is about sharing. Recognize the risk, combat it, share your experiences, and encourage others to do better than you.
Select language
Spanish Italian
Search

Echelon Stealer: The Open Source Malware

Pietro Melillo : 31 July 2024 15:47

Echelon Stealer is an infostealer malware that was first discovered in 2018 and is still active. Currently shared as an open-source tool on GitHub, Echelon Stealer offers various advanced features for extracting sensitive data.

Despite being presented as an educational project, its potential for malicious use is significant.

What is an Infostealer?

An infostealer is a type of malware specifically designed to steal sensitive information from infected devices. These malware can gather a wide range of data, including:

  • Login credentials (username and password)
  • Financial information (credit card numbers, bank accounts)
  • Personal data (addresses, phone numbers)
  • Information stored in browsers (cookies, autofill data)
  • Sensitive files on the device

Dai potere alla tua programmazione con TypeScript funzionale

Impara a scrivere codice modulare, sicuro e scalabile con il nostro corso pratico di Programmazione Funzionale in TypeScript, guidato dall’esperto Pietro Grandi, professionista nello sviluppo del software. 
In 6 ore e 29 lezioni, esplorerai concetti fondamentali come immutabilità, funzioni pure, higher-order functions e monadi, applicandoli direttamente al mondo reale dello sviluppo software.
Il corso è pensato per sviluppatori, team leader e professionisti del software che desiderano migliorare la qualità e la manutenibilità del loro codice. Con esempi pratici, esercizi e la guida esperta di Grandi, acquisirai competenze avanzate per affrontare le sfide moderne dello sviluppo.
Approfitta della promo e scrivi subito all'amministrazione e guarda l'anteprima gratuita del corso su academy.redhotcyber.com
Contattaci per ulteriori informazioni tramite WhatsApp al 375 593 1011 oppure scrivi a [email protected]



Supporta RHC attraverso:
  1. L'acquisto del fumetto sul Cybersecurity Awareness
  2. Ascoltando i nostri Podcast
  3. Seguendo RHC su WhatsApp
  4. Seguendo RHC su Telegram
  5. Scarica gratuitamente "Dark Mirror", il report sul ransomware di Dark Lab

Se ti piacciono le novità e gli articoli riportati su di Red Hot Cyber, iscriviti immediatamente alla newsletter settimanale per non perdere nessun articolo. La newsletter generalmente viene inviata ai nostri lettori ad inizio settimana, indicativamente di lunedì.
 

Infostealers are often distributed through phishing campaigns, malicious email attachments, compromised software downloads, and other social engineering techniques. Once installed, the infostealer collects data and sends it to a server controlled by the attackers, allowing them to exploit this information for various illicit purposes, such as identity theft, financial fraud, and unauthorized access to systems and networks.

Key Features of Echelon Stealer

Data Extraction

Echelon Stealer can extract data from various browsers and applications. Supported browsers include all Chromium-based ones, Edge, and Gecko-based (such as Mozilla Firefox). The extraction features include:

  • Clipboard data
  • Discord and Telegram sessions
  • Outlook emails
  • Files with saving directory paths and scanning subdirectories
  • FileZilla
  • Total Commander
  • Pidgin
  • Psi and Psi+
  • System screenshots
  • PC information (PCinfo)

VPN and Cryptocurrency Wallets

Echelon Stealer can also gather data from various VPN applications and cryptocurrency wallets, including:

  • NordVPN
  • OpenVPN
  • ProtonVPN
  • Armory
  • Atomic Wallet
  • Bitcoin Core
  • Bytecoin
  • Dash Core
  • Electrum
  • Ethereum
  • Exodus
  • Jaxx
  • Litecoin Core
  • Monero
  • Zcash

Additional Features

In addition to data collection capabilities, Echelon Stealer includes other functionalities such as:

  • Sending logs to a Telegram bot
  • Automatic self-removal after sending logs
  • Log resubmission protection

Recent Updates

The latest project update includes various bug fixes and has made the project more stable. Now, all extraction methods are organized into different files and folders for greater convenience.

Disclaimer

The creator of Echelon Stealer has clearly stated that the project is written exclusively for educational purposes and assumes no responsibility for the use of the project or any of its code parts. This notice is essential as the misuse of such tools can lead to severe legal and ethical consequences.

Conclusion

Echelon Stealer represents an example of how open-source tools can be used for both legitimate and malicious purposes. It is crucial that such tools are used with awareness and responsibility. The community of developers and security researchers must remain vigilant and collaborative to mitigate the risks associated with these tools and promote the ethical use of technology.

Pietro Melillo
Head of the Dark Lab group. A Computer Engineer specialised in Cyber Security with a deep passion for Hacking and technology, currently CISO of WURTH Italia, he was responsible for Cyber Threat Intelligence & Dark Web analysis services at IBM, carries out research and teaching activities on Cyber Threat Intelligence topics at the University of Sannio, as a Ph.D, author of scientific papers and development of tools to support cybersecurity activities. Leads the CTI Team "RHC DarkLab"

Lista degli articoli