Styx Stealer malware exploits Windows vulnerability to ‘clip’ crypto
New malware called Styx Stealer has been uncovered by cybersecurity solutions provider Check Point Research. The newly discovered malware can steal a vast array of material, including cryptocurrency, through a mechanism known as clipping. It is freely available on a rental basis on the developer’s website.
Windows users with an up-to-date operating system are safe from the malware, since Styx Stealer depends on a vulnerability in Microsoft Windows Defender that was patched last year.
Malware upgraded to steal crypto
Styx Stealer was discovered because the developer experienced a data leak during debugging. It is derived from an older malware called Phemedrone Stealer. It maintains the functions of Phemedrone Stealer, such as stealing saved passwords, cookies, auto-fill data, cryptocurrency wallet data and instant messenger sessions, while incorporating new detection evasion techniques and adding a crypto clipper function.
Cryptocurrency clipping occurs when malware replaces the recipient’s wallet address with the bad actor’s wallet address during a transaction.
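A defensive check against the substitution described above, as an added example that is not from Check Point's report or the article: before sending, compare the recipient taken from a trusted record with the address actually present in the transaction. The function names, the coarse address patterns and the sample addresses are assumptions constructed for illustration.

```python
import re

# Coarse shape checks only (no checksum validation): enough to tell a
# wallet-address-shaped string from arbitrary text. Assumed patterns.
PATTERNS = {
    "eth": re.compile(r"0x[0-9a-fA-F]{40}"),
    "btc_bech32": re.compile(r"bc1[0-9a-z]{11,71}", re.IGNORECASE),
    "btc_base58": re.compile(r"[13][1-9A-HJ-NP-Za-km-z]{25,34}"),
}
# Hex and bech32 addresses mean the same thing in either case; Base58 does not.
CASE_INSENSITIVE = {"eth", "btc_bech32"}


def classify(value):
    """Return (kind, normalized) for an address-shaped string, else (None, None)."""
    text = value.strip()
    for kind, pattern in PATTERNS.items():
        if pattern.fullmatch(text):
            return kind, text.lower() if kind in CASE_INSENSITIVE else text
    return None, None


def check_recipient(intended, observed):
    """Compare the trusted recipient with the one about to be used."""
    intended_kind, intended_norm = classify(intended)
    observed_kind, observed_norm = classify(observed)
    if intended_kind is None:
        return "intended_not_address"
    if observed_kind is None:
        return "observed_not_address"
    # Normalizing first avoids false alarms on case or whitespace differences.
    return "match" if intended_norm == observed_norm else "substituted"


def flagged(events):
    """Indexes of (intended, observed) pairs where the address was swapped."""
    return [i for i, (a, b) in enumerate(events)
            if check_recipient(a, b) == "substituted"]


# Constructed sample addresses (not real wallets).
ETH_A, ETH_B = "0x" + "AB" * 20, "0x" + "cd" * 20
BTC_A, BTC_B = "1" + "B" * 30, "1" + "C" * 30
SAMPLE_EVENTS = [
    (ETH_A, " " + ETH_A.lower() + "\n"),  # same address, different case
    (ETH_A, ETH_B),                       # swapped for another address
    (BTC_A, BTC_B),                       # swapped for another address
    (BTC_A, "invoice 1042"),              # field does not hold an address
]
```

Both the original and the replacement are well-formed addresses, so format validation alone does not catch the swap; only the comparison against the trusted value does.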