UPDATED 20:55 EST / JULY 26 2022

SECURITY

New Rust-based malware spreads after code shared on cybercrime forum

A new form of information-stealing malware based on the Rust programming language is rapidly spreading after the source code was recently shared on a popular cybercrime forum.

Detailed Monday by researchers at Cyble Inc., the malware, dubbed “Luca Stealer,” was first shared on July 3. The malware developer is believed to have shared the source code to build a reputation for itself.

The developer also provided steps to modify the malware and compile source code for ease of use. Since first being shared, Luca Stealer has been updated three times and the malware developer is said to be continuously adding multiple functions.

Luca Stealer is designed to target Chromium-based browsers, chat applications, crypto wallets and gaming applications. The malware can steal stored credit cards, login credentials, cookies in browsers, access cryptocurrency wallet browser add-ons and steal details from gaming applications.

Bleeping Computer reports that Luca Stealer is particularly interesting in that it focuses on password manager browser add-ons, stealing locally stored data for 17 applications of its kind.

The Cyble researchers so far have witnessed 25 samples based on the Luca Stealer source code in the wild. They warn that more capabilities could be added to the malware in the future and can be expected to be adopted by multiple threat actors worldwide.

The choice of the Rust programming language to create Luca Stealer was of particular interest to cybersecurity researchers.

“As a development language, Rust has been gaining in popularity with many developers embracing it,” Mike Parkin, senior technical engineer at cyber risk remediation company Vulcan Cyber Ltd., told SiliconANGLE. “Threat actors will see the same technical advantages that other developers have in their shift to Rust from other languages, such as C++.”

Brendan Hohenadel, adversarial engineer at information security firm Lares LLC noted that “threat actors have begun using Rust recently thanks to its relative ease of use compared with other programming languages and its ability to interact with application programming interfaces of the Microsoft Windows operating system, granting low-level access, while simplifying historically complex aspects of programming like memory management.”

Image: Cyble

A message from John Furrier, co-founder of SiliconANGLE:

Your vote of support is important to us and it helps us keep the content FREE.

One click below supports our mission to provide free, deep, and relevant content.  

Join our community on YouTube

Join the community that includes more than 15,000 #CubeAlumni experts, including Amazon.com CEO Andy Jassy, Dell Technologies founder and CEO Michael Dell, Intel CEO Pat Gelsinger, and many more luminaries and experts.

“TheCUBE is an important partner to the industry. You guys really are a part of our events and we really appreciate you coming and I know people appreciate the content you create as well” – Andy Jassy

THANK YOU