Summary: A newly discovered information-stealing malware named Arcane is targeting a wide range of user data, including VPN credentials, gaming clients, and messaging apps. Originating from a campaign launched in November 2024, it has a distinct infection chain, often using YouTube promotions for game cheats to lure in victims. Notably, the majority of infections have been reported in countries like Russia and Kazakhstan, despite local threat actors typically avoiding such targets.
Affected: Users of VPNs, gaming clients, messaging apps, and web browsers
Key points:
- Arcane malware has no relation to the previously circulated Arcane Stealer V and has evolved significantly since its debut.
- Distribution relies on deceptive YouTube videos and fake software downloaders that install the malware on victims' systems.
- The stolen data includes personal details from multiple applications, which exposes victims to financial fraud and extortion and complicates cleanup.