As per Juniper Networks, it also steals: PC and system information, credit card browser data, browser passwords, installed software and processes, desktop files, screenshot of desktop, browser cookies, steam files, AutoFill browser fields, Discord and Telegram data, and FileZilla files.
The program dumps this information to the malware controller’s Telegram account, ensuring relative security for the data it steals. It can clip and change Monero, Litecoin, Zcash, Dash, and Ethereum addresses automatically and uses special search functions to pinpoint these addresses on one’s clipboard. Once it swaps the addresses it can intercept crypto as its being sent to legitimate wallets.
Every day we send out a free e-mail with the most important headlines of the last 24 hours.
Subscribe now
We welcome comments that add value to the discussion. We attempt to block comments that use offensive language or appear to be spam, and our editors frequently review the comments to ensure they are appropriate. If you see a comment that you believe is inappropriate to the discussion, you can bring it to our attention by using the report abuse links. As the comments are written and submitted by visitors of the The Paypers website, they in no way represent the opinion of The Paypers.