Article Details
Scrape Timestamp (UTC): 2025-05-04 14:14:39.076
Original Article Text
StealC malware enhanced with stealth upgrades and data theft tools

The creators of StealC, a widely used information stealer and malware downloader, have released its second major version, bringing multiple stealth and data theft enhancements.

The latest version of StealC was actually made available to cybercriminals in March 2025, but Zscaler researchers who analyzed it have only just published a detailed write-up. In the weeks that followed its release, several minor bug fixes and point releases added new features, the latest being version 2.2.4.

StealC is a lightweight info-stealer that gained traction on the dark web in early 2023, selling access for $200/month. In 2024, it was spotted in large-scale malvertising campaigns and in attacks that locked systems into inescapable kiosk modes.

In late 2024, it was confirmed that StealC development remained very active, with its developers adding a bypass for Chrome's 'App-Bound Encryption' cookie-theft defenses, allowing the "regeneration" of expired cookies for hijacking Google accounts.

New in latest version

Version 2 (and later) was announced in March 2025. According to Zscaler's analysis, it brings the following major improvements:

However, apart from the feature additions, there have also been some notable removals, such as the anti-VM checks and DLL downloading/execution. These might indicate an effort to make the malware leaner, but they may also be collateral damage from a major code rework and could be re-introduced in improved form in future versions.

In the most recent attacks seen by Zscaler, StealC was deployed by Amadey, a separate malware loader, though other operators may use different delivery methods or attack chains.

To protect your data from info-stealer malware, avoid storing sensitive information in your browser for convenience, use multi-factor authentication to protect your accounts, and never download pirated software or other software from obscure sources.
Daily Brief Summary
StealC, an information stealer and malware downloader, has recently been updated to version 2.2.4, including several stealth and data theft upgrades.
Originally launched on the dark web in 2023, StealC gained prominence for its effectiveness in stealing sensitive data, available for a subscription of $200 per month.
In its latest iteration, StealC has removed previous features like anti-VM checks and DLL downloading but has introduced significant enhancements including mechanisms to bypass Chrome's cookie theft defenses.
Version 2.2.4 enables expired cookie regeneration, facilitating unauthorized access to Google accounts.
Recent deployments of StealC have been carried out through Amadey, another malware loader, showing that delivery methods vary among cybercriminal operators.
Zscaler's research and analysis highlight the ongoing evolution and active development of StealC, suggesting potential re-introduction of removed features in future updates.
Recommended protection measures include avoiding the storage of sensitive information in browsers, using multi-factor authentication, and avoiding downloads from unreliable sources.