Rage Stealer Rebranded as Angry Stealer, Now Uses Telegram Bot for Data Theft


Beware of “Angry Stealer,” a new malware targeting your online accounts. This rebranded version of Rage Stealer steals passwords, credit card details, and more via Telegram. Protect yourself with strong passwords, updated software, and a reputable antivirus.

Cybersecurity researchers at Cyfirma have discovered a new malware dubbed “Angry Stealer” that steals personal data from unsuspecting users. This malware, aggressively marketed on Telegram and online platforms, is designed to extract sensitive information from infected systems.

The “Angry Stealer” malware is a rebranded version of the infamous “Rage Stealer,” a tool already notorious for its data-stealing capabilities. This latest variant, however, has new features, targeting a wider range of data and employing advanced techniques that allow successful exfiltration.

The malware’s primary objective is to collect personal and sensitive information from your computer. This includes your online login credentials, banking details, cryptocurrency wallet information, and even your browsing history.

What makes this malware particularly dangerous is its ability to bypass security measures. It leverages the Telegram Bot API to send the stolen data to a remote server, using hardcoded credentials that make it difficult to stop. This means the cybercriminals behind this attack have a direct line to your personal information, potentially leading to identity theft, financial fraud, and other serious consequences.
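For defenders, the Bot API exfiltration channel described above can be hunted in endpoint or proxy telemetry. The following is an added example, not code from the article or from Cyfirma: it flags connections to `api.telegram.org` from processes that are not approved automation. The event schema, the allowlist entry and the sample records are constructed assumptions; the `/bot<token>/<method>` URL shape follows Telegram's public Bot API.

```python
import re
from ntpath import basename  # parse Windows paths on any analysis host

BOT_API_HOST = "api.telegram.org"
# Bot API path: /bot<numeric id>:<secret>/<method>
BOT_PATH = re.compile(r"^/bot(\d+):[A-Za-z0-9_-]+/(\w+)")

ALLOWED_IMAGES = {"alertbot.exe"}  # hypothetical approved automation

SAMPLE_EVENTS = [  # constructed records, hypothetical schema
    {"host": "WS-014", "image": r"C:\Users\a\AppData\Local\Temp\stub.exe",
     "dest": "api.telegram.org",
     "path": "/bot1234567890:AAExampleTokenValue_NotReal-0000000/sendDocument",
     "bytes_out": 482113},
    {"host": "WS-014", "image": r"C:\Program Files\Mozilla Firefox\firefox.exe",
     "dest": "example.com", "path": "/", "bytes_out": 612},
    {"host": "SRV-02", "image": r"D:\ops\alertbot.exe",
     "dest": "api.telegram.org", "path": None, "bytes_out": 900},
    {"host": "WS-031", "image": r"C:\Users\b\Downloads\setup.exe",
     "dest": "API.Telegram.org.", "path": None, "bytes_out": 20480},
]

def flag_bot_api_traffic(events, allowed=ALLOWED_IMAGES):
    """Return findings for Bot API connections from non-approved processes."""
    findings = []
    for ev in events:
        dest = ev["dest"].rstrip(".").lower()  # normalise case and trailing dot
        if dest != BOT_API_HOST:
            continue
        proc = basename(ev["image"]).lower()
        if proc in allowed:
            continue
        finding = {"host": ev["host"], "process": proc,
                   "bytes_out": ev["bytes_out"], "bot_id": None, "method": None}
        # The URL path is only visible where TLS is inspected.
        m = BOT_PATH.match(ev.get("path") or "")
        if m:
            # Keep the numeric bot id for reporting; never log the secret part.
            finding["bot_id"], finding["method"] = m.group(1), m.group(2)
        findings.append(finding)
    return findings

if __name__ == "__main__":
    for f in flag_bot_api_traffic(SAMPLE_EVENTS):
        print(f)
```

Matching the allowlist on file name alone is easy to evade, so a production rule should compare the full image path or the code-signing identity instead.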

Rage Stealer being advertised on Telegram (Via Cyfirma)

The “Angry Stealer” is not a one-trick pony. It comes packaged with a secondary payload, “MotherRussia.exe,” which appears to be a tool for creating custom malicious executables. This means that cybercriminals could use this tool to launch even more sophisticated attacks in the future.

The growing popularity of this malware is alarming. It’s being advertised and sold on platforms that are designed to facilitate the distribution of malicious software, further fueling the spread of this threat. This underlines the need for heightened vigilance and the adoption of robust cybersecurity measures.

Mayur Upadhyaya, CEO and Co-Founder of APIContext, emphasised the malicious use of APIs by cybercriminals, stating, “The recent emergence of Angry Stealer, a sophisticated info-stealer exploiting the Telegram API, underscores the critical need for robust API security measures. API drift, the divergence between an API’s expected and actual behaviour, plays a significant role in these vulnerabilities.”

Mayur warned that 75% of APIs tested exhibited nonconformant endpoints, highlighting the prevalence of API drift, which can lead to large-scale security breaches, as attackers can exploit deviations to gain unauthorized access or exfiltrate data.

To protect yourself from “Angry Stealer” and similar threats, it’s essential to take several precautions. First, keep your software updated by ensuring that your operating system and all applications have the latest security patches.

Second, use strong passwords by creating unique, complex passwords and enabling multi-factor authentication whenever possible. Additionally, be cautious about suspicious emails and downloads; avoid clicking on links or downloading files from unknown sources.

Installing a reputable antivirus program is also important, as it can help detect and block malware before it causes damage. Finally, be aware of phishing scams, which are a common tactic used by cybercriminals to gain access to your personal information. Stay vigilant by avoiding suspicious links and not opening attachments in unsolicited emails.
