Cybersecurity

8468 readers

33 users here now

c/cybersecurity is a community centered on the cybersecurity and information security profession. You can come here to discuss news, post something interesting, or just chat with others.

THE RULES

Instance Rules

Be respectful. Everyone should feel welcome here.
No bigotry - including racism, sexism, ableism, homophobia, transphobia, or xenophobia.
No Ads / Spamming.
No pornography.

Community Rules

Idk, keep it semi-professional?
Nothing illegal. We're all ethical here.
Rules will be added/redefined as necessary.

If you ask someone to hack your "friends" socials you're just going to get banned so don't do that.

Learn about hacking

Hack the Box

Try Hack Me

Pico Capture the flag

Other security-related communities !databreaches@lemmy.zip !netsec@lemmy.world !securitynews@infosec.pub !cybersecurity@infosec.pub !pulse_of_truth@infosec.pub

Notable mention to !cybersecuritymemes@lemmy.world

founded 2 years ago

MODERATORS

kid@sh.itjust.works

Lanky_Pomegranate530@midwest.social

Shuyal Stealer Malware Exploits 19 Browsers to Steal Logins (gbhackers.com)

submitted 4 days ago by kid@sh.itjust.works to c/cybersecurity@sh.itjust.works

4 comments fedilink hide all child comments

top 4 comments

sorted by: hot top controversial new old

[–] thisbenzingring@lemmy.sdf.org 6 points 4 days ago

this article would be more helpful if they included info on how its spread... a grapic that suggests phishing and melicious website is kinda weak sauce.

[–] Kolanaki@pawb.social 5 points 4 days ago (1 children)

Exploits 19 browsers to steal logins

Whew. Good thing I only have 2 of them fuckers installed.

[–] TribblesBestFriend@startrek.website 3 points 4 days ago

Chrome, Edge, Tor, Brave, Opera, Opera GX, Yandex, Vivaldi, Chromium, Waterfox, Epic, Comodo, Slimjet, Coc Coc, Maxthon, 360 Browser, Falkon, and two lesser-known variants.

[–] BCOVertigo@lemmy.world 3 points 3 days ago* (last edited 3 days ago)

For clarity this is windows malware, not a browser exploit.

Distributed as c++ payload, persists in Startup by writing itself there with the CopyFileA api, uses powershell to pull browser data from file system... This is windows malware that knows what files to look in for various browsers and then exfiltrates via telegram. I wouldn't have titled it like this since it make it seem like a browser exploit instead of a ball of c++ and powershell but it's neat that they cast such a wide net I guess. No mention so far of distribution method, initial exploit, or group attribution that I've been able to spot.

Original report from July: https://hybrid-analysis.blogspot.com/2025/07/new-advanced-stealer-shuyal-targets.html

Additional info: https://www.pointwild.com/threat-intelligence/shuyal-stealer-advanced-infostealer-targeting-19-browsers