Image: — © AFP
This holiday period, consumers were at risk from a new cybersecurity threat. This was identified by researchers at Rapid7 Labs, who uncovered a new malware strain dubbed SantaStealer– a Windows-targeting infostealer that hides entirely in memory to evade antivirus detection.
Looking into this new threat for Digital Journal is Stefanie Schappert, senior journalist at Cybernews, especially as to how Malware-as-a-Service like SantaStealer is changing the cybercrime economy.
Currently being sold on Telegram and dark web forums – complete with professional marketing and even a $1000 lifetime plan – this Malware-as-a-Service (MaaS) is a stark example of how cybercrime is rapidly being industrialized, with attackers packaging complex threats for anyone willing to pay.
There may be worse to come. According to Schapper: “The Christmas-themed SantaStealer is just the tip of the iceberg. Thousands of fake online stores and phishing campaigns have been circulating on the web this season, exploiting the holiday rush and consumer urgency.”
Research by CloudSEK detected over 2,000 holiday-themed scam sites, many impersonating shopping giants such as Amazon and eBay, major retailers such as Walmart, Target, and Best Buy, and even high-end luxury brands Gucci and Louis Vuitton.
Schapper explains: “With identical templates, countdown timers, and fake trust badges, the bad guys know consumers will click through these so-called secure sites to catch limited-time deals – all while fraudsters harvest their payment information.”
Schapper adds: “In fact, over 750 interconnected sites, including more than 170 Amazon-lookalikes, and over 1,000 .shop domains were reported.”
NordVPN also reported a 250% increase in such AI-created sites in October alone, with fake eBay sites surging 525% just before Thanksgiving.
Phishing attacks are also on the rise, Schapper warns, with scammers sending emails, texts, and social media messages that appear to come from trusted retailers, delivery services, or even charities.
As examples, Schapper cites: “Fake shipping notifications, holiday e-cards and Christmas party invites – from sites like Punchbowl and Eventbrite – once opened, can give attackers full control of devices, steal personal data, or even spread ransomware across networks.”
In addition: “With Mastercard reporting more than 70% of consumers struggling to identify phishing websites, the familiarity of holiday greetings makes victims more likely to trust the content, increasing the effectiveness of these attacks. The addition of AI-driven phishing makes these attacks even more convincing, using cloned voices, realistic images, or deepfake videos to trick even cautious users.”
In terms of other threats, Schapper finds: “Charity scams and mail-based fraud are also rising sharply. Fraudsters set up fake charities, copying legitimate nonprofit logos and websites, and push urgent donation requests through email, by phone, social media, or crowdfunding platforms.”
“During the season of giving, mail based fraud can trick the recipient to open malware-laced QR codes or visit fake websites for “more information,” or even receive “free gifts.”
These scams exploit goodwill, creating pressure with emotional appeals or claims of immediate need”, Schapper warns.
