A newly discovered infostealing malware named “Shuyal” has entered the cyber threat landscape, posing a serious risk to users by targeting a wide range of web browsers and deploying sophisticated evasion methods. Identified by researchers at Hybrid Analysis, Shuyal is capable of stealing credentials and sensitive information from 19 different browsers, including lesser-known privacy-focused options like Tor and Brave.
The malware is named after identifiers found in its code path and represents a new generation of data stealers with expanded surveillance capabilities. Unlike traditional malware that only focuses on login credentials, Shuyal goes deeper—harvesting system-level information, capturing screenshots, monitoring clipboard activity, and sending all of it to cybercriminals using a Telegram bot-controlled infrastructure.
In his analysis, Vlad Pasca from Hybrid Analysis highlighted that Shuyal performs extensive system reconnaissance. Once it infects a device, it disables the Windows Task Manager to prevent users from detecting or ending the malware’s process. It also hides its tracks by removing evidence of its activities through self-deleting mechanisms, including batch scripts that erase runtime files once the data has been exfiltrated.
Among the browsers targeted by Shuyal are mainstream options such as Chrome and Edge, but it also compromises more obscure browsers like Waterfox, OperaGx, Comodo, Falk
[…]
Content was cut in order to protect the source.Please visit the source for the rest of the article.
[…]
Content was cut in order to protect the source.Please visit the source for the rest of the article.
This article has been indexed from CySecurity News – Latest Information Security and Hacking Incidents
Read the original article: