New research by Malwarebytes analyses a new piece of information-stealing malware that is being distributed through Russian underground forums. The researchers suspect that three prominent Russian hackers are behind the new malware, dubbed Baldr.
Baldr has “high-level functionality,” allowing it to retrieve various types of valuable information from an infected computer, including system information, browser data, stored passwords and text documents, and to check for the presence of cryptocurrency wallets.
Information stealers like Baldr are increasingly popular among cyber criminals. The researchers explain that “[u]nlike many banking Trojans that wait for the victim to log in to their bank’s website, stealers typically operate in a grab and go mode,” meaning that “upon infection the malware will collect all the data it needs and exfiltrate it right away.”
Read more: Grab-and-go Baldr malware enters the black market