Medusa Stealer Combines Cryptominer and Spyware

Medusa Stealer is a strain of malware that combines a wide range of malicious features.

The malware functions as a data stealer, a cryptominer, and a DDoS tool. Its data exfiltration capabilities include scraping system information, browser search history, and usernames and login data stored locally inside the browser.

Medusa Stealer also includes a curious addition: a DDoS module that allows the malware to launch distributed denial-of-service attacks using infected systems.

Finally, Medusa Stealer has cryptominer capabilities. This means the malware can harvest and abuse system resources, most notably CPU cycles and GPU processing power, to mine cryptocurrency for the benefit of the malware's operator. This process always causes significant system slowdown, as the computer's components are running at full load on the cryptomining task.

This is an unusually diverse feature set for this sort of malicious application. It remains to be seen if the Medusa Stealer malware will evolve further.

Medusa Stealer Could Lead to Crypto-Mining On Your Computer

October 20, 2022