cyperine


Following our research on Cyperine 2.0 and Next Man History Stealer, the malware author rebranded their info stealer as Medusa. While it basically has the same featurse as Cyperine, you now need a valid account to access the builder. The example below compares Cyperine on the left and Medusa on the right, which shows a user logged in as Deadzeye. Figure 01. Builder comparison between Cyperine (Left) and Medusa (Right) The builder signatures clearly show that both of these variants were made by the same author, who goes by the name... [Read More]
by RSS David Maciejak and Rommel Joven  |  Nov 10, 2016  |  Filed in: Security Research
  Cyperine is a VB .NET info stealing malware advertised in hacking forums to retrieve information from victims and sends it to whichever email is entered in the builder. Cyperine version 1.0 was first released in December 2014, and on June 14, 2016 version 2.0 was released. It steals SSFN steam’s authentication files, stored passwords from browsers, user logins, and software product keys installed in the victim’s computer.   Figure 01. Cyperine builder   The seller also provides a skype account for... [Read More]
by RSS Rommel Joven and David Maciejak  |  Jul 07, 2016  |  Filed in: Security Research