Divulge Stealer Unveiled: Advanced Info-Stealer Targets 25 Cryptocurrency Wallets

A malware known as Divulge Stealer has been introduced, claiming to significantly enhance the capabilities of its predecessor, Umbral-Stealer. This updated version, developed to target 25 major cryptocurrency wallets, boasts a comprehensive redesign and advanced features aimed at precise data extraction.

Divulge Stealer includes a range of new functionalities:

1. Comprehensive Redesign: Built from the ground up, this iteration introduces advanced techniques for targeting cryptocurrency wallets with improved accuracy.
2. Expanded Wallet Support: The stealer now covers 25 major cryptocurrency wallets, including Bitcoin, Ethereum, and Monero, broadening its reach and effectiveness.
3. Recursive Data Extraction: Employing a sophisticated recursive technique, it thoroughly scans and retrieves wallet files, ensuring no traces are left behind.
4. Signature Appending Feature: A new option allows users to append a custom .exe digital signature, enhancing stealth and making detection more challenging.
5. Optimized Design: Unnecessary features have been removed to reduce the overall file size.

Key features of Divulge Stealer include:

• Anti-Virtual Machine Detection: Detects and exits if running in a virtual machine to avoid analysis.
• Admin Privileges Management: Requests elevated privileges for certain operations and ensures persistence across reboots.
• Self-Protection Mechanisms: Hides its executable, disables Windows Defender, and includes other techniques to avoid detection.
• Data Collection: Extracts browser passwords, cookies, Discord tokens, cryptocurrency wallet data, screenshots, and saved credit cards.
• Real-Time Connection Monitoring: Monitors for an active internet connection before executing network tasks.
• Exfiltration: Compresses and sends stolen data to a specified webhook, with statistical reporting.
• Stealth Operations: Operates silently and can remove itself from the system after execution.
• Blocking Security Sites: Blocks access to antivirus and security websites to prevent analysis and removal of the malware.

Divulge Stealer offers a range of features designed to capture and exfiltrate sensitive data while minimizing detection.