
C/C++ Skuld - Next-Gen Stealer [Go]

Status
Not open for further replies.

itsMe



Go-written Malware targeting Windows systems, extracting User Data from Discord, Browsers, Crypto Wallets and more, from every user on every disk. (PoC. For Educational Purposes only).

This proof of concept project demonstrates a "Discord-oriented" stealer implemented in Go, a language not commonly utilized for such purposes on GitHub. The malware is designed to operate on Windows systems and employs a method involving privilege escalation, specifically leveraging the well-known Fodhelper technique. By elevating privileges, the malware gains access to sensitive user data stored in all user sessions on every disk.

Features:

    UAC Bypass: Grants privileges to steal user data from other users. 🕵️‍♂️
    Console hiding: Module to hide the console. 🕶️
    Fake Error Simulation: Trick user into believing the program closed due to an error. 🎭
    Startup Persistence: Ensures the program runs at system startup. 🚀
    Anti-debugging Measures: Detects and exits when running in virtual machines (VMs). 🔍
    Antivirus Evasion: Attempts to disable Windows Defender and block access to antivirus websites. 🦠
    System Information Retrieval: Gathers CPU, GPU, RAM, IP, location, saved Wi-Fi networks, and more. 🖥️
    Chromium-based Browsers Data Theft: Steals logins, cookies, credit cards, history, and download lists from 37 Chromium-based browsers.
    Gecko Browsers Data Theft: Steals logins, cookies, history, and download lists from 10 Gecko browsers. 🦊
    Common Files Theft: Steals sensitive files from common locations. 🗂️
    Discord Backup Codes Theft: Captures Discord Two-Factor Authentication (2FA) backup codes. 🔑
    Wallet Data Theft: Steals data from 10 local wallets and 55 wallet extensions. 💰
    Discord Tokens Theft: Extracts tokens from 4 Discord applications, Chromium-based browsers, and Gecko browsers.
    Games Data Theft: Extracts Epic Games, Uplay, Minecraft (14 launchers) and Riot Games sessions. 🎮

    Discord Injection:
        Intercepts login, register, and 2FA login requests.
        Captures backup codes requests.
        Monitors email/password change requests.
        Intercepts credit card/PayPal addition requests.
        Blocks the use of QR codes for login.
        Prevents requests to view devices.

    Crypto Wallets Injection:
        Captures mnemonic phrases.
        Captures passwords.
    Crypto Clipper: Replaces the user's clipboard content with a specified crypto address when copying another address. 📋

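The post names the Fodhelper UAC-bypass technique as the way the tool reaches other users' data. From a defender's side, the useful fact is that fodhelper.exe is an auto-elevating Windows binary that consults the HKCU\Software\Classes\ms-settings\Shell\Open\command key, so a non-privileged process creating or writing that key is the indicator to alert on (MITRE ATT&CK T1548.002). The script below is an added detection example written for this page; it is not code from the post or from the Skuld project. It parses constructed registry-event log lines in a simple key="value" shape (an assumed format, not real Sysmon XML) and flags writes to that key under any user hive.

```python
"""Added example, not part of the forum post or the Skuld project.

Triage constructed registry-event log lines for the Fodhelper UAC-bypass
indicator: a process writing HKCU\Software\Classes\ms-settings\Shell\Open\command
(typically including a DelegateExecute value). No legitimate software should be
populating that key in a user hive, so the rule needs no process allow-list.
"""
import re
from dataclasses import dataclass

# Registry path an auto-elevating fodhelper.exe reads (ATT&CK T1548.002).
FODHELPER_KEY = r"Software\Classes\ms-settings\Shell\Open\command"

# key="value" pairs; the log format itself is an assumption made for this example.
_KV = re.compile(r'(\w+)="([^"]*)"')

@dataclass(frozen=True)
class Alert:
    image: str     # process that performed the registry write
    target: str    # registry object written
    details: str   # value data, if the event carried any

def parse_event(line: str) -> dict:
    """Turn one constructed key="value" log line into a dict of its fields."""
    return dict(_KV.findall(line))

def is_fodhelper_indicator(event: dict) -> bool:
    """True when a registry write lands on the fodhelper command key in a user hive.

    Matches both the HKCU spelling and the HKU\\<SID> spelling some sensors emit,
    and also catches values beneath the key (e.g. ...\\command\\DelegateExecute).
    """
    target = event.get("TargetObject", "").replace("/", "\\").lower()
    in_user_hive = target.startswith("hkcu\\") or target.startswith("hku\\")
    return in_user_hive and FODHELPER_KEY.lower() in target

def scan(lines):
    """Return an Alert for every key-create or value-set event hitting the indicator."""
    alerts = []
    for line in lines:
        ev = parse_event(line)
        if ev.get("EventType") not in ("RegistryKeyCreate", "RegistryValueSet"):
            continue
        if is_fodhelper_indicator(ev):
            alerts.append(Alert(ev.get("Image", "?"), ev["TargetObject"], ev.get("Details", "")))
    return alerts

# Constructed sample log: two ordinary registry writes and two from the bypass pattern.
SAMPLE_LOG = [
    'EventType="RegistryValueSet" Image="C:\\Windows\\explorer.exe" '
    'TargetObject="HKCU\\Software\\Microsoft\\Windows\\CurrentVersion\\Explorer\\Advanced\\Hidden" '
    'Details="DWORD (0x00000001)"',
    'EventType="RegistryKeyCreate" Image="C:\\Users\\alice\\AppData\\Local\\Temp\\update.exe" '
    'TargetObject="HKCU\\Software\\Classes\\ms-settings\\Shell\\Open\\command"',
    'EventType="RegistryValueSet" Image="C:\\Users\\alice\\AppData\\Local\\Temp\\update.exe" '
    'TargetObject="HKCU\\Software\\Classes\\ms-settings\\Shell\\Open\\command\\DelegateExecute" '
    'Details=""',
    'EventType="RegistryValueSet" Image="C:\\Windows\\System32\\svchost.exe" '
    'TargetObject="HKLM\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run\\SecurityHealth" '
    'Details="%windir%\\system32\\SecurityHealthSystray.exe"',
]

if __name__ == "__main__":
    for a in scan(SAMPLE_LOG):
        print(f"[ALERT] {a.image} wrote {a.target}")
```

Running it on the constructed sample reports the two writes by update.exe and stays silent on the explorer.exe and HKLM Run-key events. The same rule ports directly to a Sysmon configuration (Event ID 12/13 with a TargetObject filter on the key) or to a scheduled check that the key simply does not exist in any loaded user hive.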
 
Is it possible to have the logs sent to Telegram?

 