An advanced strain of infostealer malware dubbed Chihuahua Stealer has been found, originally flagged by a Reddit user and later analysed by G Data CyberDefense. Beneath its unsophisticated appearance, it uses advanced methods such as stealthy loading, persistence through scheduled tasks, and deployment of a multi-tier payload. The malware collects personal data from users’ browsers and crypto wallet extensions. G Data CyberDefense encouraged vigilance for signs of the malware, such as frequent scheduled PowerShell jobs with dubious commands and uncommon AES-GCM usage.

GitHub hit by a sophisticated malware campaign as ‘Banana Squad’ mimics popular repos
The repository names are identical to those of other repositories, indicating typo-squatting. These repositories also contain search keywords and emojis, signifying potential AI use. ReversingLabs warns developers