Meet BlackGuard: a new infostealer peddled on Russian hacker forums

Researchers have uncovered a new infostealer malware being peddled in Russian underground forums. 

Dubbed BlackGuard, zScaler says that the new malware strain is “sophisticated” and has been made available to criminal buyers for a monthly price of $200. 

Infostealers are forms of malware designed to harvest valuable data, potentially including operating system information, contact lists, screenshots, network traffic, and online account credentials including those used to access financial services and banking. 

A range of malicious software and exploit kits are sold every day underground, some of which are purchased outright. In contrast, others are offered on a malware-as-a-service (MaaS) basis: subscribers pay on a weekly, monthly, or yearly basis, and the developer keeps their malicious creations updated in return.

Perhaps to build a customer base for this malware, or to generate cash quickly, BlackGuard is also being sold for $700 in return for a lifetime subscription. 


According to the cybersecurity researchers, BlackGuard can steal information, including saved browser credentials and history, email client data, FTP accounts, autofill content, conversations in messenger software, cryptocurrency credentials, and other account information. Messengers targeted include Telegram, Signal, Tox, Element, and Discord.

When it comes to cryptocurrency theft, the malware will target

Read More: