The Cybersecurity Lair™ • June 21, 2024

Latest News | Guard Your Data: Fortinet Unveils Versatile Fickle Stealer Malware

The primary concern is the Fickle Stealer's ability to bypass security measures and steal a wide range of sensitive data through multiple sophisticated attack methods.

Fortinet's FortiGuard Labs has identified the Fickle Stealer, a Rust-based malware capable of stealing sensitive information such as logins and financial details from Microsoft Windows-based systems. The malware uses a versatile and multi-pronged approach to infiltrate systems, exploiting software vulnerabilities and evading security measures. Fickle Stealer is delivered through various methods, including VBA droppers and downloaders, and conceals its presence using a sophisticated packer. It targets sensitive files, crypto wallets, and browser data, sending the collected information to a server. Continuous updates to its attack chain suggest ongoing development, highlighting the need for robust security measures.


Key Points and Takeaways:


  • Discovery and Nature: Fickle Stealer, discovered by FortiGuard Labs in May 2024, is Rust-based malware with versatile targeting.
  • Delivery Methods: Utilises four primary methods - VBA dropper, VBA downloader, link downloader, and executable downloader.
  • Infiltration Techniques: Disguises itself as legitimate applications/documents and uses PowerShell scripts for initial preparation.
  • Packer Usage: Employs a sophisticated packer to conceal its presence and execute before detection, with anti-analysis measures.
  • Data Targets: Steals data from crypto wallets, browser data, and applications like Discord, Steam, and Telegram.
  • Server Communication: Sends victim data to a server, which then provides specific targets and keywords for further attacks.
  • Ongoing Development: The attack chain is frequently updated, indicating the malware is still under development.


Source and further reading


Ahmed, D. (2024, June 20). New Fickle stealer exploits software flaws to steal crypto, browser data. Hackread - Latest Cybersecurity, Tech, Crypto & Hacking News.
https://hackread.com/fickle-stealer-software-flaw-steal-crypto-browser-data/


Staff, S. (2024, June 21). Multiple attack vectors leveraged to deliver new Fickle Stealer malware.
SC Media. https://www.scmagazine.com/brief/multiple-attack-vectors-leveraged-to-deliver-new-fickle-stealer-malware
