Attention Windows users: Styx Stealer Malware can hijack your crypto transactions!

Cybersecurity researchers from Check Point Research have uncovered a new threat targeting cryptocurrency users, known as Styx Stealer Malware.

This malicious software can steal a variety of sensitive data, including cryptocurrencies, by employing a technique called clipping. This method allows the malware to intercept and alter the recipient’s wallet address during transactions, redirecting funds to the attacker’s account.

Styx Stealer Malware is offered on a rental basis

Styx Stealer is available for rent on the developer’s website, with prices set at $75 per month or $350 for a lifetime license.

The malware was first released in April and has already been involved in numerous attacks. It is derived from an older malware variant known as Phemedrone Stealer but has enhanced features, including new tactics to evade detection and an additional crypto-clipper function.

The discovery of the malware came unexpectedly when the developer found a data leak while troubleshooting. This incident allowed researchers to trace the origins of Styx Stealer and uncover critical information about its operations. It was revealed that the Turkey-based developer collected around $9,500 in cryptocurrency payments within the first two months after the malware’s release.

These payments were traced back to eight cryptocurrency wallets linked to the developer. Styx Stealer primarily exploits a vulnerability in Microsoft Windows Defender, which was patched last year.

Therefore, Windows users with updated systems are not at risk.

However, those who have not updated their systems remain vulnerable to this malware. Check Point Research has also identified the developer’s Telegram accounts, email addresses, and phone numbers, providing valuable leads for further investigation.

Decline in illegal crypto transactions in 2024

A recently released Chainalysis report shows that illegal cryptocurrency transactions are expected to decrease overall in 2024, even though certain types of criminal activities within the sector are on the rise. The report, published on August 15 as part of the mid-year update on crypto crime, noted that hacking and ransomware attacks are becoming more frequent.

Particularly concerning is the resurgence of hacking in 2024. Chainalysis observed a significant increase in the value of stolen assets. By the end of July, the cumulative value of stolen cryptocurrencies reached $1.58 billion – an 84% increase compared to the same period in 2023.

While the number of hacking incidents only slightly increased (by 2.8% year-on-year), the average value stolen per hack rose dramatically.

In July alone, hackers stole around $266 million across 16 separate attacks, causing significant losses to the crypto sector. The attack on the Indian crypto exchange WazirX on July 18 stands out. This single attack accounted for over $230 million or 86.4% of the total losses for the month.