Anivia Stealer Malware Bypasses UAC in Dark Web Sale

A new strain of credential-stealing malware named Anivia Stealer is being marketed across underground forums, according to researchers at KrakenLabs. Developed in C++17, the Anivia Stealer malware bypasses User Account Control (UAC) protections on Windows systems ranging from XP to Windows 11, allowing cybercriminals to execute privileged operations without alerting users.

Threat actor ZeroTrace is promoting the tool as a subscription-based offering, priced from €120 per month to €680 for lifetime access. The malware targets browser credentials, authentication cookies, cryptocurrency wallets, messaging tokens, and Local Security Authority credentials. Its UAC bypass uses automatic elevation techniques that eliminate the need for user interaction.

The malware also supports encrypted communication with command-and-control servers and features an auto-update function to evade detection. Analysts believe this tool may be a rebranded version of the earlier ZeroTrace Stealer, based on overlapping code and developer metadata.

Read the full article at: https://cybersecuritynews.com/threat-actors-advertising-anivia-stealer-malware/
