Meduza: Scary name, scarier malware
July 10, 2023
By Kim Komando
Use Chrome, Edge, Brave, Sidekick, Opera or Firefox to browse the web? What about Discord, Steam, a password manager or a crypto wallet?
You’re a prime target for the Meduza Stealer — a type of malware that poses a serious personal and digital security risk. Its primary purpose is to steal valuable data from your computer. We’re talking login credentials, credit card details and cryptocurrency wallet data.
Let’s take a deeper look at how the malicious software works. Consider this your Cybersecurity 102 lesson of the day!
Hunt and gather
Once Meduza Stealer infiltrates a computer, it gets to work gathering information. Step 1: location check. Meduza does not steal data from any computer in Russia, Kazakhstan, Belarus, Georgia, Turkmenistan, Uzbekistan, Armenia, Kyrgyzstan, Moldova or Tajikistan.
Not in one of those countries? Great. Now it’s ready to collect details about your computer system, which it then uses to sniff out your valuable data. Passwords, card details and other credentials are fair game. Then all that info goes back to the attacker.
It can steal info from 19 password manager apps, 76 crypto wallets and 95 web browsers, as well as the Discord and Steam apps.
Hiding in plain sight
The Meduza Stealer is notoriously hard to spot. A process called obfuscation hides its activities, essentially masking actions so they appear harmless or invisible to your computer’s security software. It also uses encryption to protect your stolen data during transmission back to the attacker. Uh, thanks?
It’s also pretty darn good at tricking standard antivirus software. The stealer changes and adapts once it’s spotted so it can fly under the radar. Free AV isn’t going to cut it.
How to protect yourself
Yeah, it’s tricky, but some vigilance and basic security measures go a long way.
- Regular system updates and patches can fix any security vulnerabilities that the malware could exploit.
- Always use 2FA — Use two-factor authentication (2FA) for better security whenever available.
- Use strong, unique passwords to secure your accounts.
- Antivirus is vital — Always have a trusted antivirus program updated and running on all your devices. We recommend our sponsor, TotalAV.
https://www.komando.com/tips/cybersecurity/meduza-malware/