New Flame Stealer Malware Attacking Users to Steal Credit Card Data

A new malware named “Flame Stealer” has been making waves in the cybersecurity community, posing a significant threat to users’ financial and personal data.

Developed in C and C++, this sophisticated software was first announced on Telegram on April 14, 2024, and has since been evolving with claims of being undetectable by conventional antivirus tools.

Extensive Data Stealing Capabilities

Flame Stealer is designed to be an extensive data thief, capable of stealing a wide range of sensitive information. According to a ThreatMon tweet, the malware can capture login information, new emails, passwords, credit card details, and PayPal information.

This stolen data is transmitted instantly to a designated webhook or Telegram channel, ensuring that the cybercriminals receive the information in real-time.

How to Build a Security Framework With Limited Resources IT Security Team (PDF) - Free Guide

The malware remains constantly active on infected systems through automatic re-injection, making it a persistent threat.

One of the most alarming features of Flame Stealer is its ability to target popular platforms such as Discord, Spotify, Instagram, TikTok, and Roblox.

It captures login credentials and steals cookies, passwords, autofill data, and credit card information from these platforms. This broad targeting scope increases the risk for many users, especially those who frequently use these services.

The malware also collects information about browser extensions, Discord accounts, connections, bots, and servers, adding another layer of data theft.

Flame Stealer employs advanced methods to avoid detection by antivirus and security software, making it particularly dangerous. It takes screenshots of the user’s desktop and steals visual data at critical moments, such as when users enter sensitive information.

Additionally, it targets digital assets by stealing wallet information and capturing entered Two-Factor Authentication (2FA) codes, posing a threat to users’ online security. The malware also collects detailed information about the infected computer, including private accounts and digital entitlements like Fivem accounts.

As Flame Stealer develops and adapt, cybersecurity experts urge users to remain vigilant and take necessary precautions to protect their data.

Regular updates to security software, cautious online behavior, and awareness of potential threats are crucial in mitigating the risks posed by this new malware.

Are you from SOC and DFIR Teams? – Analyse Malware Incidents & get live Access with ANY.RUN -> Free Access

Dhivya
Divya is a Senior Journalist at Cyber Security news covering Cyber Attacks, Threats, Breaches, Vulnerabilities and other happenings in the cyber world.