
New Rust-Based Malware Steals Passwords from Fake Gaming Sites
Myth Stealer is a Rust-based malware spreading through fake gaming sites, tricking users with fake windows and stealing sensitive browser and app data.
In a rush? Here are the quick facts:
- Distributed via fake gaming sites using password-protected archives or standalone files.
- Malware shows fake windows to trick users while stealing sensitive data silently.
- Uses string obfuscation and sandbox evasion to avoid detection by security software.
The Trellix Advanced Research Center discovered Myth Stealer, a dangerous piece of malware written in the Rust programming language. It first appeared on Telegram in late December 2024 as a free trial before transitioning to a paid subscription service.
The malware primarily spreads through fake gaming websites, where it is presented as game-related software to deceive users. It shows victims a fake window so that they believe the application is secure while it steals crucial data, including passwords, cookies, and autofill information from Chrome and Firefox browsers.
Researchers explain, “The malware authors regularly update stealer code to evade AV detection and introduce additional functionality such as screen capture capability and clipboard hijacking.”
The malware conceals itself with string obfuscation and sandbox detection to evade analysis by security tools. It also attempts to gain administrative privileges to steal additional data, and it hijacks the clipboard to substitute cryptocurrency wallet addresses, so that users end up sending money to the attackers.
The malware transfers all stolen data to its command server, occasionally uploading screenshots of the compromised computer system.
The malware operators market their product on Telegram channels and accept payment in cryptocurrency and Razer Gold credit. Separate Telegram groups were used to sell stolen accounts until Telegram took them down.
Experts warn, “The consistent development and enhancement of Myth Stealer underscore the attackers’ determination to stay ahead of security defenses, posing a serious and persistent risk to users.”
Avoid downloading software from untrusted websites, and keep your security software up to date.