Santa, the malware thief SantaStealer aimed at stealing passwords.

Santa, the malware thief SantaStealer aimed at stealing Windows user group passwords.

Although Christmas season may have been around for a while, during that week there was a group of hackers relying on Santa Claus's famous reputation to release data theft malware, or a new Infostealer with a similar name.

According to a report by the website, Techi mentioned that a research team from Rapid 7, a cybersecurity specialist company, detected a new malware distribution campaign, SantaStealer, that specifically focused on Windows operating system users, whose detection first occurred during the December 2025 period. This malware is sold on the underground market within the Telegram chat service and on the black market of other source hackers in the form of malware for rental use (MaaS or Malware-as-a-Service), with prices starting from US $175 (5,499.46) to US $300 (9,432) per month. The research team expects that the hackers behind this malware are highly likely to be hackers from Russia.

To access the victims of malware, hackers who use it often use social engineering deception. By deceiving the IT Support, contact the victim and deceive the victim to run commands to download and install the malware to the machine during the long Christmas season. This is when the target victim is usually the least vigilant.

For malware capabilities, it can be called multi-functional and can enhance new capabilities. Because the malware works in a Module manner, the main ability of the malware is to steal sensitive information of the victim, such as information about the kerrency wallet, passwords, documents, to the data inside the installed application, such as Google Chrome. It also has the ability to smuggle screenshots and evade Chrome's App-Bound Encryption system.

# Trending # lemon 8 diary # Lemon 8 Howtoo # freedomhack # Malware