About Teletype
Join
THREAD
@thread_type
Today

Wish Stealer

Stealer созданный на базе Node.js, специально разработанный для извлечения конфиденциальных данных из браузеров на базе Chromium и Firefox. Эта вредоносная программа захватывает токены, файлы cookie, криптовалютные кошельки и многое другое.

Особенности:

  • Development
  • Clean and efficient codebase.
  • Up-to-date dependencies.
  • Minimal reliance on external Node.js libraries.
  • Modules
  • antidebug: Terminates debugging tools (incomplete). ️
  • antivirus: Disables Windows Defender and blocks access to antivirus-related websites.
  • antivm: Terminates execution if running inside a virtual machine environment.

browsers:

  • Captures logins, cookies, credit card details, bookmarks, autofill data, browsing history, and downloads from 37 Chromium-based browsers.
  • Captures logins, cookies, browsing history, bookmarks, and downloads from 10 Gecko/Firefox-based browsers.
  • sessions: Extracts active sessions from platforms like Spotify, TikTok, and Instagram.
  • clipper: Monitors the clipboard for crypto addresses and replaces them.
  • commonfiles: Collects sensitive files from common directories on the system.
  • fakeerror: Displays a fake error message to trick users into thinking the program has crashed.
  • games: Extracts session data from popular game launchers like Epic Games and Minecraft and More.
  • hideconsole: Hides the console window to run the program discreetly.
  • injections: Injects into applications like Discord and crypto wallets to capture sensitive information.

discord:

  • Persistent startup injection (remains active even if the user attempts to remove it).
  • Captures logins, registration data, and two-factor authentication requests.
  • Intercepts email and password change requests as well as backup code requests.
  • Blocks QR code logins and views of connected devices.
  • Phishing mode simulates alerts to trick users into changing their email credentials.
  • killprocess: Terminates processes that are listed in a predefined blacklist.
  • socials: Extracts data from over 20 social media applications, stealing sensitive information from each.
  • startup: Ensures the program launches automatically when the system starts. ️
  • stealcodes: Captures (2FA) codes from services like Discord, GitHub, Google, and more.
  • system: Gathers detailed system information including IP address, installed antivirus software, screenshots, CPU, GPU, RAM details, location, and saved Wi-Fi networks.
  • tokens: Extracts tokens from four Discord applications and over 30 browsers.
  • vpns: Retrieves sensitive files from over 20 VPN applications installed on the system.
  • wallets: Extracts data from more than 30 browser-based cryptocurrency wallets, as well as crucial information from locally installed wallets.

Требования:

  • Node.js

Download | Github

#malware
THREAD
Today, 08:55
0 reactions
0 views