Epsilon is the name of a malicious program designed to steal confidential information. This thief targets data from browsers, gaming and other applications, as well as cryptocurrency wallets. The Epsilon thief has been observed to be distributed through campaigns targeting video gamers.

Once the Epsilon malware has successfully infiltrated a system, it begins collecting relevant device data. This thief can extract and filter information from browsers.

Data of interest typically includes: browser and search engine history, Internet cookies, stored login information (usernames/passwords), stored credit card numbers, etc.

Epsilon may receive information related to messaging platforms. More details: This program can infiltrate Discord and also collect Discord tokens. Among the types of software Epsilon targets are video game-related applications. For example, this thief aims to obtain Minecraft sessions.

Additionally, the thief seeks to obtain login credentials and other information from cryptocurrency wallets and associated software (e.g. MetaMask, etc.).

It's worth noting that malware developers often improve their software. Therefore, potential future versions of Epsilon may have a broader target list and additional/different capabilities.

In conclusion, having malware like Epsilon on devices can lead to serious privacy issues, financial losses, and identity theft.

Serpent, Laze, TrapStealer, Poverty and Lumar are just a few examples of thieves that experts have recently examined. Information-stealing malware is incredibly common. It can search for specific details or a wide range of data. This malware is not necessarily limited in its classification, which means it may have other functions not related to data theft.

Regardless of how malware operates, it is important to emphasize that its presence on a system poses a threat to the integrity of devices and the security of users. Therefore, all threats must be removed immediately after detection.

Epsilon is offered for sale on Telegram and Discord by its developers. Therefore, how this thief will spread depends on which cybercriminals are using it.

Several campaigns to distribute Epsilon have been observed. These operations target the gaming community. The malicious files containing this malware were obtained from fake game download sites (e.g. Pokemon, Nothing's Left, etc.).

These websites were advertised through spam, published and sent privately via Discord. The accounts that posted this content were usually hacked, as advertisements are much more successful if they appear to come from reputable sources.

Initially, downloaded files were observed in the following formats: executable files, password-protected RAR archives, and ZIP archives. In some cases, after launching the infectious file, victims were presented with dialog boxes asking for beta tester keys.

It is possible that as Epsilon spreads, other formats, sites and baits will be used. Game-related lures include free video game downloads, cracked versions, hacks and cheats, mods, in-game currency and other assets.

Malicious files can come in different formats. Besides executables and archives, other common types include JavaScript and documents (e.g. Microsoft Office, Microsoft OneNote, PDF, etc.). Phishing and social engineering methods are commonly used to distribute malware.

Common distribution methods include: malicious attachments or links in spam (e.g. emails, private messages, SMS, etc.), malicious advertising, online scams, drive-by downloads (hidden/misleading), illegal software activation tools software (hacking tools) and fake updates.

Some malware can even spread through local networks and removable storage media (for example, USB drives, external hard drives, etc.).

We strongly recommend that you treat incoming emails and other communications with caution. Attachments or links found in suspicious/irrelevant emails should not be opened as they may be viral. You should also be careful when browsing the web, as fake and malicious online content usually appears legitimate and harmless.

In addition, all downloads must be from official and verified channels. Another recommendation is to activate and update programs using trusted features/tools, as third party programs may contain malware.

We must emphasize the importance of installing and keeping up to date a reliable antivirus program. This software must be used to regularly scan your system and remove threats and problems. If you think your computer is already infected, we recommend running a scan to automatically remove any infiltrated malware.

Mainton Company - custom software development and testing, DevOps and SRE, SEO and online advertising since 2004.