A piece of malware, Legion Stealer V1, has emerged as a threat to users worldwide.
Written in C#, this stealer is designed to capture sensitive data and send it to a Discord channel, posing severe risks to personal and corporate data security.
Features and Capabilities
According to reports from ThreatMon, Legion Stealer V1 boasts a range of features that make it a formidable tool for cybercriminals.
It can take screenshots, access webcams, and gather extensive user and network information.
Additionally, it collects disk information, can reboot systems, and disable antivirus programs and the task manager.
This malware also includes advanced functionalities like anti-debugging and virtual machine detection, making it difficult to analyze and stop.
Furthermore, it can extract sensitive information from Discord accounts, such as Nitro details, badges, billing information, emails, phone numbers, and friend lists.
Legion Stealer V1 is compatible with various browsers including Chrome, Edge, Brave, and Opera GX.
Distribution and Evasion Techniques
The distribution of Legion Stealer is particularly concerning due to its stealthy nature.
It is marketed as undetectable malware, increasing its appeal among cybercriminals.
The stealer has been observed targeting specific groups such as PUBG players by masquerading as a fake PUBG Bypass Hack on GitHub.
This method allows the malware to infiltrate systems under the guise of legitimate software.
Upon execution, Legion Stealer manipulates Windows Defender settings and extracts registry information to evade detection.
It employs anti-debugging techniques and checks for virtual environments to prevent analysis by cybersecurity professionals.
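The behaviours reported above (changes to Windows Defender settings, a disabled Task Manager, and data sent to Discord) can be correlated per process to build a detection. The following is an added example, not code from the original report or from ThreatMon. The event schema, process names, and the specific registry paths and domains checked are assumptions, since the report does not list the exact settings the malware changes.

```python
from collections import defaultdict

# Assumed indicators: well-known Windows registry locations and Discord domains.
# The report does not say which exact settings Legion Stealer changes.
DEFENDER_KEYS = ("\\software\\policies\\microsoft\\windows defender",
                 "\\software\\microsoft\\windows defender")
TASKMGR_VALUE = "\\policies\\system\\disabletaskmgr"
DISCORD_HOSTS = ("discord.com", "discordapp.com")

def classify(event):
    """Map one normalized event (hypothetical schema) to a behaviour tag or None."""
    if event["type"] == "registry_set":
        target = event["target"].lower()
        if target.endswith(TASKMGR_VALUE):
            return "taskmgr_disabled"
        if any(key in target for key in DEFENDER_KEYS):
            return "defender_tamper"
    elif event["type"] == "dns_query":
        host = event["host"].lower().rstrip(".")
        if any(host == h or host.endswith("." + h) for h in DISCORD_HOSTS):
            return "discord_egress"
    return None

def correlate(events, window=300):
    """Alert when one process weakens a security control and contacts Discord within `window` s."""
    seen = defaultdict(list)
    for ev in sorted(events, key=lambda e: e["ts"]):
        tag = classify(ev)
        if tag:
            seen[ev["proc"]].append((ev["ts"], tag))
    alerts = {}
    for proc, hits in seen.items():
        for start, _ in hits:
            tags = {t for ts, t in hits if 0 <= ts - start <= window}
            if "discord_egress" in tags and tags - {"discord_egress"}:
                alerts[proc] = sorted(tags)
                break
    return alerts

# Constructed sample telemetry: ts in seconds, proc is a per-process identifier.
SAMPLE_EVENTS = [
    {"ts": 100, "proc": "unknown.exe#1", "type": "registry_set",
     "target": r"HKLM\SOFTWARE\Policies\Microsoft\Windows Defender\DisableAntiSpyware"},
    {"ts": 104, "proc": "unknown.exe#1", "type": "registry_set",
     "target": r"HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\System\DisableTaskMgr"},
    {"ts": 130, "proc": "unknown.exe#1", "type": "dns_query", "host": "discord.com"},
    {"ts": 140, "proc": "Discord.exe#7", "type": "dns_query", "host": "discord.com"},
]
print(correlate(SAMPLE_EVENTS))
```

Only the process that both changed a security setting and contacted Discord is flagged; the legitimate Discord client in the sample is not.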
The emergence of Legion Stealer V1 highlights the evolving tactics used by cybercriminals to breach systems.
Its ability to disable security measures and gather extensive personal information poses a significant threat to users’ privacy and security.