BlackGuard, a New Info-Stealer, for Sale on Russian Hacking Forums

A new info-stealer malware dubbed BlackGuard has been identified by security analysts. It seems that it’s put up for sale on Russian hacking forums, according to the researchers who discovered it.

BlackGuard Advertised for Sale

The malware has been described by the ZScaler experts, who published a report on this topic, as “sophisticated”, its monthly price on underground forums rising up to no less than $200.

While recently perusing one of these hacking forums during regular research activities, the Zscaler ThreatLabz team came across BlackGuard, a sophisticated stealer, advertised for sale. Blackguard is currently being sold as malware-as-a-service with a lifetime price of $700 and a monthly price of $200. BlackGuard has the capability to steal all types of information related to Crypto wallets, VPN, Messengers, FTP credentials, saved browser credentials, and email clients.

Source

How Does BlackGuard Work?

According to the experts’ analysis, the BlackGuard malware targets files like wallet.dat for cryptocurrency theft purposes. These types of wallets may contain wallet addresses and private keys. What’s more, is that Chrome and Edge extensions for crypto wallets can become targets too.

BlackGuard which is written in.NET, is currently under active development. However, it already owns the following functionalities:

Base64

Read More: https://heimdalsecurity.com/blog/blackguard-a-new-info-stealer-for-sale-on-russian-hacking-forums/