Cyble researchers have uncovered a sophisticated infostealer campaign distributing Maranhão Stealer through fake websites offering pirated software and game cheats. This malware targets credentials and cryptocurrency data, employing advanced techniques like reflective DLL injection and persistence mechanisms. #MaranhaoStealer #CybleInvestigations
Keypoints
- The Maranhão Stealer malware is distributed via social engineering sites claiming to offer pirated content.
- It employs techniques such as registry keys, scheduled tasks, and hidden payloads for persistence.
- The malware collects sensitive data including browser credentials, cookies, and cryptocurrency wallet information.
- Advanced stealth features like reflective DLL injection and obfuscation are used to evade detection.
- The campaign has been active since May 2025 and continues to evolve with more sophisticated methods.
Read More: https://thecyberexpress.com/maranhao-infostealer-campaign/