WeSteal Infostealer Sold Online by Inexperienced Malware Developers

How Identity Thieves Steal Information

Public and private hacking forums are the favorite spot of both novice and experienced cybercriminals. Newbies over there can often spend around $50-$100 to get their hands on a personalized piece of malware, which they can use for a couple of months or even permanently. This post goes over a recent ad, which concerns this exact type of malware. The threat, dubbed the WeSteal Infostealer, is being promoted on multiple hacking boards by its creators. They advertise it as a one-of-a-kind stealer, which prioritizes targeting cryptocurrency wallets – not a surprise considering the rapid increase of cryptocurrency value over the past few months.

Sleek Marketing Campaign for Low-quality Commodity Malware

The developers of the WeSteal Infostealer appear to be trying to build a brand, and they have even set up an official website to sell their tools – WeSupply. Cybersecurity experts believe that WeSteal might be a rebranded or slightly modified variant of the WeSupply Crypto Stealer that the same gang released in 2020. According to WeSupply's advertisement, the WeSteal Infostealer is able to bypass antivirus software and make use of zero-day exploits to compromised machines – thankfully, these statements are false, and you can rest assured that an updated antivirus tool will keep you safe from this stealer's attack.

WeSteal Infostealer's price is set to €20/month, €50/3 months, and €125 for a year. The developers say that their malware is customer-friendly since the buyer will not need to worry about setting up a control serve. They can manage the WeSteal Infostealer through a Web-based panel. Despite being labeled as an infostealer, that's not WeSteal's true purpose. What it does is to monitor the clipboard of the victim for cryptocurrency addresses used by Bitcoin, Monero, Litecoin, Ethereum, and Bitcoin Cash. If such a string is copied by the victim, the malware will replace it with a wallet owned by the attacker. This attack is known as cryptojacking, and the malware that executes it is typically referred to as a clipper.

The authors of the WeSteal Infostealer have focused solely on marketing their poor attempt at creating an infostealer. It seems that they are preying on inexperienced cybercriminals who will immediately pay the subscription fee, because of the great features they are promised. Thankfully, WeSteal is far from good as it only possesses one barely functional feature. Still, malware attacks of this sort should never be underestimated, and you should keep your system protected by an antivirus application.

By Ruik
April 30, 2021
Malware
English
April 30, 2021
Malware

Popular Posts

As Fears of the Coronavirus Pandemic Spread, So Does...

4 years ago

Microsoft Warns State-Backed Threat Actors Are Using AI in...

4 days ago

Trojan Al11 Malware Detection & Removal - An Essential...

11 months ago

Pinaview is a Fully-Featured Adware App

10 months ago

"Your iCloud is Being Hacked" and "Your iPhone has Been...

7 months ago

What is Lucky Ransomware?

7 months ago

Related Posts

Malware, Trojan

WeControl RAT is a Commodity Malware Linked to WeSteal Infostealer

The WeControl RAT is a Remote Access Trojan (RAT,) which is being sold online via the official website of the developers, as well as through ads posted on various hacking forums. The good news is that WeControl RAT is... Read more

April 30, 2021
Malware

TEARDROP Malware

The TEARDROP Malware is identified as a basic Trojan Dropper, which was used by the cybercriminals behind the recent supply-chain attack linked to the SolarWinds software vendor. This campaign involved the use of a... Read more

April 26, 2021
Malware

How to Remove FoundCore Malware

FoundCore Malware is an old, but newly identified malware family, which is being used and developed by an Advanced Persistent Threat (APT) group tracked under the alias APT27 (also known as Cycldek or Goblin Panda.)... Read more

April 7, 2021
English
Loading...

Cyclonis Backup Details & Terms

The Free Basic Cyclonis Backup plan gives you 2 GB of cloud storage space with full functionality! No credit card required. Need more storage space? Purchase a larger Cyclonis Backup plan today! To learn more about our policies and pricing, see Terms of Service, Privacy Policy, Discount Terms and Purchase Page. If you wish to uninstall the app, please visit the Uninstallation Instructions page.

Cyclonis Password Manager Details & Terms

FREE Trial: 30-Day One-Time Offer! No credit card required for Free Trial. Full functionality for the length of the Free Trial. (Full functionality after Free Trial requires subscription purchase.) To learn more about our policies and pricing, see EULA, Privacy Policy, Discount Terms and Purchase Page. If you wish to uninstall the app, please visit the Uninstallation Instructions page.

Home

Products

Cyclonis Backup Cyclonis Password Manager Cyclonis World Time

Support

Help Files FAQs Downloads Inquiries & Support

Company

About Us Contact Us Report Abuse

Legal (Post Merger)

EnigmaSoft Limited (fka Cyclonis Limited)

Cyclonis Backup's Terms of Service Cyclonis Password Manager's EULA Cyclonis World Time's Terms of Service Privacy Policy Cookie Policy Special Discount Offer Terms Additional Terms & Conditions SpyHunter EULA RegHunter EULA EnigmaSoft Privacy Policy & Cookie Policy ESG Privacy Policy & Cookie Policy EnigmaSoft Discount Offer Terms ESG Discount Offer Terms

© 2017-2024 Cyclonis Ltd. CYCLONIS is a trademark of EnigmaSoft Limited (Cyclonis was merged into EnigmaSoft Limited effective November 25, 2023.) All rights reserved.

Registered Office EnigmaSoft Limited: 1 Castle Street, 3rd Floor, Dublin 2 D02 XD82, Ireland.
EnigmaSoft Limited, Private Company Limited by shares, Company Registration Number 597114.

Windows is a trademark of Microsoft, registered in the U.S. and other countries.
Mac, iPhone, iPad and App Store are trademarks of Apple Inc., registered in the U.S. and other countries.
iOS is a registered trademark of Cisco Systems, Inc. and/or its affiliates in the United States and certain other countries.
Android and Google Play are trademarks of Google LLC.