Threat Actors Advertising Anivia Stealer Malware

Source: Cyber Security News

Anivia Stealer represents a significant threat in the realm of credential theft, as it is specifically designed to affect Windows environments ranging from legacy XP to Windows 11. Built using C++17, this malware not only undermines User Account Control (UAC) through automatic elevation, but also provides comprehensive data exfiltration capabilities. ZeroTrace is actively promoting Anivia on cybercriminal marketplaces with subscription options ranging from €120 per month to €680 for lifetime access. The malware targets various types of sensitive information, including browser credentials, authentication cookies, and cryptocurrency wallet data.

KrakenLabs has linked Anivia Stealer to the previously identified ZeroTrace Stealer, suggesting it may be a rebrand or fork of the earlier malware. Its automatic elevation feature exploits Windows privilege escalation vulnerabilities, allowing it to bypass crucial security measures without user consent. This ability to neutralize UAC protects it from detection and enables access to secured system areas and cached credentials. Additionally, because it requires no external dependencies, Anivia Stealer complicates the forensic process and is easier to deploy across varied targets, while presenting a significant challenge for security solutions.
