Info Stealer
Mars Stealer
First seen: 2021-06 • Status: active
Currently Active Threat
Mars Stealer is a newer, lighter password stealer. It specifically targets 2FA browser extensions, making it extra dangerous.
Overview
Mars Stealer was marketed as a successor to Oski Stealer. It is lightweight and targets browser credentials, 2FA extensions, and crypto wallets.
Also Known As
Mars
How It Spreads
- • Malvertising
- • Cracked software
- • Phishing
What It Does
- • 2FA extension theft
- • Browser credential theft
- • Crypto wallet theft
Is your business exposed?
Target Platforms
Windows
Detection Tips
- • Watch for browser extension access
MITRE ATT&CK Techniques
T1555, T1539
If You're Infected
- 1.
Reset 2FA on all accounts
- 2.
Change all passwords
Related Malware
Is your business exposed?
Check if your company data is circulating on the dark web
Free scan • No credit card required