Seqrite, the enterprise arm of Quick Heal Technologies Limited, a global cybersecurity solutions provider, has uncovered a sophisticated new malware threat known as AsukaStealer. As per the detailed analysis conducted by researchers at Seqrite Labs, India’s largest malware analysis lab, this advanced persistent threat, currently being marketed on Russian-language cybercrime forums, presents a severe risk to individuals and organisations worldwide, highlighting the evolving landscape of cyber threats. AsukaStealer operates on a Malware-as-a-Service model, offered by a threat actor using the alias ‘breakcore’ for a monthly subscription fee of $80. This model makes advanced cyber-attack capabilities accessible to a wider range of malicious actors, significantly lowering the barrier to entry for cybercriminals.
The sophistication of AsukaStealer lies in its broad target range and extensive data extraction capabilities. It is designed to infiltrate a comprehensive array of browsers, including Mozilla Firefox, Google Chrome, Microsoft Edge, Opera, and numerous others. This wide-reaching approach ensures maximum impact across various browsing platforms. The malware can extract a wealth of sensitive information, including extension data, internet cookies, saved login credentials, cryptocurrency wallet information, FTP client data, messaging platform details, and gaming software data.
AsukaStealer specifically checks for systems in various countries, including Armenia, Azerbaijan, Belarus, Kazakhstan, and others. It collects extensive system information, including CPU details, OS version, RAM, and time zone.
The malware’s reach is expansive, programmed to steal data from over 30 different browsers, including less common ones like Iridium, Chedot, and Sleipnir5. It also targets over 20 different cryptocurrency wallets, including emerging ones like Zecrey, LeapCosmosWallet, and VenomWallet. AsukaStealer uses the UuidCreate function to generate unique identifiers for exfiltrated files, enhancing its ability to track and organize stolen data.
To mitigate the risks posed by AsukaStealer and similar threats, Seqrite strongly advises individuals and organisations to implement comprehensive security measures. These include deploying and maintaining up-to-date antivirus and anti-malware solutions, implementing strong, unique passwords for all accounts, enabling multi-factor authentication, exercising caution with email attachments and links, regularly updating all software and operating systems, conducting security awareness training, implementing network segmentation and the principle of least privilege, and regularly backing up critical data.