The source code for Luca Stealer malware offered for free by hackers

July 29, 2022
Source Code Luca Stealer Malware Free Hackers Infostealer

An information stealing malware, dubbed Luca Stealer, is a malware variant coded by its authors in the Rust language, which source code was spotted by researchers being offered on underground forums for free.

From the analysis of VirusTotal, the infostealer has a detection rate of around 22%, making it a stealthy malware variant actively used in attacks.

 

Written in the Rust programming language, Luca Stealer aids threat actors in targeting several versions of the Windows OS.

 

The researchers who sampled the infostealer reported that it possesses standard malware capabilities, including stealing data from Chromium-based web browsers where people usually store their financial and login credentials and other browsing cookies.

Luca Stealer also aims to steal cryptocurrency wallets, Discord tokens, Steam accounts, etc. The infostealer also focuses on password manager browser addons that allow it to steal locally stored sensitive user data.

Once inside the compromised machine, the infostealer can also capture screenshots that could be useful for the threat actors’ attack. It will also collect the host system’s profile and send the extracted details to the operators’ C2 servers.

Nonetheless, researchers note that unlike any typical information stealing malware in the wild, the Luca Stealer does not possess the capability of a clipper that can be used in cryptocurrency hijacking.

The investigations and analysis of the infostealer show that it had been used in about 25 cyberattacks, likely because its developers had offered its source code for free for other hackers to use. However, experts are still doubtful if the malware will be used in massive deployment in the future.

Even with limited capabilities, having its source code free in the wild could allow other malware authors to develop more variants based on the Luca Stealer, equipped with more advanced features that could be more damaging for the victims.

Furthermore, since the infostealer is Rust-based, a cross-platform language, other developers could easily port it to other operating systems besides Windows, such as Linux or macOS.

About the author

Leave a Reply