A threat actor has emerged claiming to offer the source code for a sophisticated malware known as Baloo Stealer. The announcement, made by the threat actor, sheds light on the capabilities and structure of this malware.
Baloo Stealer, according to the actor, is a fully developed and self-powered native styler. Although it has not been widely used, the threat actor asserts that it is a finished product ready for personal use or license sale.
Key Features of Baloo Stealer:
1. Advanced Encryption: The malware incorporates 256-bit encryption for critical communications between the database and the client and server components.
2. Architectural Components:
Visual Panel: Interface for managing stolen data.
Server: Handles queries between the panel and the client, including the builder.
Stealer: The core malware component responsible for data theft.
3. Functionality:
Capturing cookies, passwords, screens, and desktop grabs.
Extracting DS Tokens, FTP credentials, Steam, Telegram, and cryptocurrency-related data.
Parsing connections, extracting credit card information, and autofill data.
4. System Information: Collects details such as server information, local data, and last seen timestamps. Additionally, it gathers system details like Process ID (PID), MAC address, processor information, display devices, RAM, time zone, user ID, operating system, and display size.
5. Supported Browsers: Baloo Stealer is capable of targeting a wide range of browsers, including popular ones like Firefox, Chrome, Opera, and Edge, among others.
Sale Details:
Price: The threat actor offers the entire source code for $1500.
Availability: Only one copy of the source code is available for sale.
The threat actor’s announcement highlights the sophistication and comprehensive capabilities of Baloo Stealer, raising concerns about the potential risks posed by such malware.
For more information and inquiries, the threat actor directs interested parties to contact them directly.
