Windows Users Beware: Styx Stealer Malware Can Clip Your Crypto Transactions

Bitcoin Scam crypto scams Scam
The malicious software is capable of stealing a wide range of sensitive information.
Last updated:
Author
Author
Ruholamin Haqshanas
About Author

Ruholamin Haqshanas is a contributing crypto writer for CryptoNews. He is a crypto and finance journalist with over four years of experience. Ruholamin has been featured in several high-profile crypto...

Last updated:
Why Trust Cryptonews
Cryptonews has covered the cryptocurrency industry topics since 2017, aiming to provide informative insights to our readers. Our journalists and analysts have extensive experience in market analysis and blockchain technologies. We strive to maintain high editorial standards, focusing on factual accuracy and balanced reporting across all areas - from cryptocurrencies and blockchain projects to industry events, products, and technological developments. Our ongoing presence in the industry reflects our commitment to delivering relevant information in the evolving world of digital assets. Read more about Cryptonews
Ad DisclosureWe believe in full transparency with our readers. Some of our content includes affiliate links, and we may earn a commission through these partnerships. Read more

Cybersecurity researchers at Check Point Research have uncovered a new threat targeting cryptocurrency users, dubbed the Styx Stealer malware.

The malicious software is capable of stealing a wide range of sensitive information, including cryptocurrency, by employing a technique known as clipping.

This method allows the malware to intercept and alter the recipient’s wallet address during transactions, diverting funds to the attacker’s account.

Styx Stealer Offered on Rental Basis

Styx Stealer is being offered on a rental basis through its developer’s website, with prices set at $75 per month or $350 for a lifetime license.

Initially launched in April, the malware has already been implicated in numerous attacks.

Notably, it is derived from an older malware variant known as Phemedrone Stealer, but with enhanced features including new detection evasion tactics and the addition of a crypto clipper function.

The malware’s discovery came about unexpectedly when the developer experienced a data leak during debugging.

The incident allowed researchers to trace the origins of Styx Stealer and uncover critical information about its operations.

It was revealed that the developer, based in Turkey, had amassed approximately $9,500 in cryptocurrency payments within the first two months of the malware’s release.

These payments were tracked to eight cryptocurrency wallets linked to the developer.

Styx Stealer primarily exploits a vulnerability in Microsoft Windows Defender, which was patched last year.

As a result, Windows users with up-to-date systems are not at risk.

However, those who have not updated their systems remain vulnerable to this malware.

The website promoting Styx Stealer, styxcrypter.com, initially featured detailed pricing and product information but was altered on August 16 to showcase a different product.

Purchases were facilitated through Telegram using various cryptocurrencies, including Bitcoin and Tether.

Check Point Research has also identified the developer’s Telegram accounts, email addresses, and phone numbers, providing critical leads for further investigation.

Overall Illicit Crypto Transactions Drop in 2024

A recent Chainalysis report revealed a decline in overall illicit cryptocurrency transactions in 2024, even as specific types of criminal activities within the sector surged.

Released on August 15 as part of the mid-year crypto crime update, the report found that hacking and ransomware attacks were becoming increasingly prevalent.

Two categories, in particular – stolen funds through hacking and ransomware attacks – have seen an uptick.

Of particular concern is the resurgence of hacking in 2024. Chainalysis noted a substantial increase in the value of stolen assets.

By the end of July, the cumulative value of stolen cryptocurrencies had reached $1.58 billion – an 84% increase compared to the same period in 2023.

While the number of hacking incidents only increased slightly (2.8% year-over-year), the average value stolen per hack surged dramatically.

In July alone, hackers stole approximately $266 million through 16 separate breaches, dealing the crypto sector substantial losses.

The July 18 attack on Indian crypto exchange WazirX stands out. This attack alone accounted for over $230 million, or 86.4%, of the month’s total losses.

More Articles

Altcoin News
Deutsche Bank Joins Boerse Stuttgart-Owned Bison as Banking Partner
Veronika Rinecker
Veronika Rinecker
2025-01-14 16:37:13
Features
Excessive Crypto Taxes May Trigger Talent Exodus from EU, Expert Warns
Hassan Shittu
Hassan Shittu
2025-01-14 11:10:37
Crypto News in numbers
editors
Authors List + 66 More
2M+
Active Monthly Users Around the World
250+
Guides and Reviews Articles
8
Years on the Market
70
International Team Authors