New stealer uses invalid cert to compromise systems

Intel Name: New stealer uses invalid cert to compromise systems

Date of Scan: November 12, 2024

Impact: Medium

Summary:
The Fickle Stealer, a new Rust-based information stealer, has emerged in May 2024. It spreads through phishing, drive-by downloads, and exploit kits, often using malicious attachments or invalid certificates to compromise systems. Once installed, it bypasses security measures like User Account Control (UAC) and steals sensitive data such as passwords, credit card details, and cryptocurrency wallet info. It can also download additional payloads, take screenshots, and self-delete after execution to avoid detection.

More Details