Meduza Stealer malware-as-a-service infostealer operation

Malware Activity
Happening score
H score 21
1 unique source, 1 article

Summary

The Meduza Stealer operation was built and distributed as malware-as-a-service, widening access to credential theft, cryptocurrency wallet theft, and browser-data theft for other criminals. The malware has also had a Chrome cookie-revival capability since December 2023, increasing account-takeover risk.

Related Happenings

Russian MVD arrests Meduza Stealer operators

Law Enforcement
First: 31.10.2025 15:45 Last: 31.10.2025 15:45 Sources 1

How related: The Russian authorities have arrested three individuals in Moscow who are believed to be the creators and operators of the Meduza Stealer information-stealing malware.

About this happening: Russian authorities **arrested three individuals** in a **Meduza Stealer** cybercrime case, detaining alleged operators of the infostealer in **Moscow**. The action expands crimin...

Timeline

  1. 31.10.2025 15:45 2 articles · 6mo ago

    Russian authorities arrest three alleged Meduza Stealer operators in Moscow

    Legal Policy Action Update

    Russian authorities said three individuals in Moscow were detained for creating and operating Meduza Stealer, an information-stealing malware distributed as malware-as-a-service through hacker forums. Investigators said the group began distributing Meduza about two years ago and that the malware has revived expired Chrome authentication cookies since December 2023. The group also allegedly targeted an institution in Astrakhan in May and stole confidential data from its servers.