"Titan Stealer: A New Golang-Based Information Stealer Malware Emerges"

Through their Telegram channel, threat actors are promoting a new Golang-based information-stealing virus dubbed Titan Stealer. The stealer can take data from infected Windows machines, including credential data from browsers and cryptocurrency wallets, FTP client details, screenshots, system information, and more, according to researchers from Uptycs. By querying the Internet of Things (IoT) search engine Shodan in November 2022, cybersecurity researcher Will Thomas was the first to document the malware's details. Titan is available as a builder, allowing clients to configure the malware binary with specified capabilities and the type of data to be exfiltrated from a victim's machine. The malware, upon execution, injects the malicious payload into the memory of a legitimate process called AppLaunch.exe, which is the Microsoft .NET ClickOnce Launch Utility, using a technique known as process hollowing. This article continues to discuss details regarding the Titan Stealer Golang-based information stealer malware.

THN reports "Titan Stealer: A New Golang-Based Information Stealer Malware Emerges"