Rust-based Myth Stealer Malware Campaign Targeting Browser Users

June 12th, 2025

Severity Level: Medium

Technical Details

  • Malware Family: Myth Stealer.

  • Language Used: Rust.

  • Distribution Vector: Fake game distribution sites offering pirated games or free game downloads.

  • Target Applications: Chrome, Firefox, Chromium-based browsers, cryptocurrency wallets.

  • Capabilities: Credential theft, cookie theft, system info collection, clipboard monitoring.

Upon execution, the Myth stealer collects a wide array of data, including:

  • Saved passwords from browsers.

  • Cookies and autofill data.

  • Installed application lists.

  • System information (CPU, GPU, OS version, etc.)

  • Crypto wallet data (Metamask, Exodus, etc.)

  • Clipboard content.

The malware is developed using Rust, which provides high performance and cross-platform compatibility. It uses obfuscation techniques to avoid detection by standard antivirus software. Data is exfiltrated via encrypted HTTP POST requests directed to a command-and-control infrastructure managed by the attacker.

Security researchers have discovered a new malware campaign involving a Rust-based information stealer called Myth. This malware is actively distributed through fake gaming websites and primarily targets users of Google Chrome and Mozilla Firefox browsers. Its main goal is to exfiltrate sensitive data, including login credentials, cookies, browsing history, and cryptocurrency wallet information.

The malware is distributed through fake websites that disguise themselves as legitimate platforms offering popular pirated or free PC games. Once installed, the malware runs quietly in the background, gathering information from the browser and the system before sending it to a command-and-control (C2) server controlled by an attacker.

Impact

Successful infection with Myth Stealer can result in:

  • Credential theft for social media, banking, and gaming accounts.

  • Loss of cryptocurrency assets due to stolen wallet data.

  • Exfiltration of sensitive corporate data if run on enterprise systems.

  • User surveillance through browser and system profiling.

The campaign targets a wide range of users, including gamers and individuals interested in pirated or free software, posing a threat to both individual and enterprise environments.

Detection Method

To detect potential infection:

  • Review Browser Artifacts: Look for any unusual browser extensions, changed settings, or credential leaks.

  • Monitor Network Traffic: Check for encrypted POST requests directed at unknown or suspicious C2 domains.

  • Check File System and Process Activity: Look for Rust-compiled executables operating from temporary directories or downloads.

  • Endpoint Scanning: Utilize Endpoint Detection and Response (EDR) tools to identify and flag suspicious processes that are accessing browser data and wallet directories.

Security monitoring systems should look for:

  • Stealer behavior patterns (e.g., accessing files in browser profile directories).

  • Obfuscated Rust binaries.

  • Traffic to unusual IPs or domains shortly after downloading gaming-related content.
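
The stealer behavior pattern above can be expressed as a simple triage rule over file-access telemetry. The following is an added example, not part of the original advisory: it flags non-browser processes that touch browser credential stores and raises severity when the process runs from Temp or Downloads. The event field names (`image`, `target`), the store file names, and all sample paths are assumptions constructed for illustration.

```python
import ntpath  # parses Windows paths on any OS

# Generic browser credential/cookie store names (general knowledge, assumed
# here; the advisory itself publishes no IOCs or file names).
SENSITIVE_FILES = {"login data", "cookies", "web data",         # Chromium family
                   "logins.json", "key4.db", "cookies.sqlite"}  # Firefox
PROFILE_MARKERS = ("\\google\\chrome\\user data\\",
                   "\\mozilla\\firefox\\profiles\\")
BROWSER_IMAGES = {"chrome.exe", "firefox.exe"}
RISKY_DIRS = ("\\appdata\\local\\temp\\", "\\downloads\\")

def is_suspicious(event):
    """Return a finding when a non-browser process touches a browser
    credential store; None otherwise."""
    image, target = event["image"].lower(), event["target"].lower()
    from_risky_dir = any(d in image for d in RISKY_DIRS)
    # A browser reading its own profile is normal, unless the "browser"
    # binary itself runs from Temp or Downloads (name masquerading).
    if ntpath.basename(image) in BROWSER_IMAGES and not from_risky_dir:
        return None
    if not any(m in target for m in PROFILE_MARKERS):
        return None
    if ntpath.basename(target) not in SENSITIVE_FILES:
        return None
    return {"severity": "high" if from_risky_dir else "medium",
            "image": event["image"], "target": event["target"]}

def triage(events):
    """Keep only the events that produce a finding."""
    return [hit for hit in map(is_suspicious, events) if hit]

# Constructed sample events (hypothetical paths, not from the advisory).
PROFILE = r"C:\Users\alice\AppData\Local\Google\Chrome\User Data\Default"
SAMPLE_EVENTS = [
    {"image": r"C:\Program Files\Google\Chrome\Application\chrome.exe",
     "target": PROFILE + r"\Login Data"},
    {"image": r"C:\Users\alice\Downloads\GameSetup.exe",
     "target": PROFILE + r"\Login Data"},
    {"image": r"C:\Users\alice\AppData\Local\Temp\upd.exe",
     "target": r"C:\Users\alice\AppData\Roaming\Mozilla\Firefox\Profiles\ab12.default\key4.db"},
    {"image": r"C:\Tools\backup.exe", "target": PROFILE + r"\Cookies"},
    {"image": r"C:\Users\alice\Downloads\GameSetup.exe",
     "target": r"C:\Users\alice\Documents\notes.txt"},
]

if __name__ == "__main__":
    for finding in triage(SAMPLE_EVENTS):
        print(finding["severity"], finding["image"], "->", finding["target"])
```

In practice the events would come from EDR or file-audit telemetry, and medium findings (such as backup tools) need an allowlist before alerting.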

Indicators of Compromise

There are no Indicators of Compromise (IOCs) for this advisory.

Recommendations

  • Avoid Untrusted Sources: Do not download games or software from unofficial or cracked sites.

  • Endpoint Protection: Implement advanced EDR solutions capable of detecting Rust-compiled binaries and memory-resident stealers.

  • Browser Hardening: Utilize password managers and disable password saving in browsers.

  • Network Monitoring: Monitor outbound connections for indicators of command and control (C2) communication.

  • Educate Users: Conduct awareness campaigns about the risks of downloading pirated games or software.

Conclusion

The Myth Stealer campaign highlights the growing sophistication of malware that is distributed through social engineering and user deception. By utilizing Rust for enhanced performance and stealth, this malware poses a significant threat to both individuals and organizations due to its extensive capabilities for data theft. To mitigate this risk, organizations must implement proactive defensive measures, such as endpoint monitoring, increase user awareness through training, and avoid using pirated content.