‘Arkanix Stealer’ Malware Disappears Shortly After Debut
securityweek
A new infostealer named ‘Arkanix Stealer’ operated as a malware-as-a-service (MaaS) enterprise in a one-shot campaign, Kaspersky says.
Implemented in both C++ and Python, the malware emerged in October 2025, when its developer started advertising it in underground forum posts, but likely ceased operations in December, when its control panel and Discord channel disappeared.
While short-lived, Arkanix Stealer did provide miscreants with broad information-stealing capabilities, collecting system and user information, application details, browser data, Telegram and Discord data, VPN information, and stealing files from specific directories.
As part of the MaaS, users were provided with access to a control panel allowing them to configure payloads and access statistics.
Users were provided with a browser post-exploitation tool named ChromElevator, delivered via a native C++ version of the malware that could also harvest cryptocurrency wallet data.
The Python variant of the stealer, Kaspersky says, was deployed via a Python script, often bundled ...
Copyright of this story solely belongs to securityweek . To see the full text click HERE