Cyclops ransomware’s info stealer seeks Windows, Linux system compromise

Windows and Linux systems are being targeted by a new information-stealing malware peddled by the Cyclops ransomware operation, The Hacker News reports. Cyclops ransomware's info stealer, which is similarly based on the Go programming language as its ransomware's macOS and Linux versions, facilitates the exfiltration of operating system details, computer names, and process counts, as well as .TXT, .PDF, .DOC, .XLS, . PNG, .JPG, and .JPEG files, which are then sent to a remote server, according to an Uptycs report. Threat actors that have purchased the info stealer could then leverage its admin panel to access the stealer component. Cyclops ransomware also seeks a portion of the profits earned from data stolen using its malware. The findings follow SonicWall's discovery of the Dot Net Stealer malware, which has browser, app, VPN, and cryptocurrency wallet exfiltration capabilities. "These capabilities provide attackers to obtain valuable information from the victim's systems that can lead to big financial frauds which can make huge financial losses to victims," said SonicWall.