Erbium is an information-stealing tool that targets passwords, credit card information, cookies, cryptocurrency wallets, and more.
Today, this malware is being distributed under the guise of pirated games and cheats for popular titles. However, its nature means it can spread like wildfire: Erbium is a Malware-as-a-Service (MaaS), essentially subscription malware.
Initially, Erbium was priced at just $9 per week, but now it’s $100 per month or $1,000 for a year-long license. This pricing is still cheap (about a third of the cost of RedLine stealer, according to Bleeping Computer), and Erbium is getting a lot of praise on hacker forums.
The license entitles threat actors to customer support, updates, and the tool itself, with its rich set of capabilities.
Cyfirma, a threat identification and cyber-intelligence business, made the initial discovery of Erbium after finding the malware discreetly tucked away among game cracks.
Erbium may also steal cold cryptocurrency wallets for a variety of cryptocurrencies, including Exodus, Atomic, Bytecoin, Ethereum, and more. Additionally, it can steal 2FA codes from a variety of password and 2FA managers, including Trezor, EOS Authenticator, Authy 2FA, and Authenticator 2FA.
Erbium steals Telegram authentication files, Steam and Discord tokens, and screenshots from each connected monitor. Threat actors are supplied with a detailed breakdown of everything that was taken from the victim in real time.
Given how versatile it is, it is likely that someone will ultimately bundle it with something other than game cracks, and at that point, it will probably spread more widely.
Right now, all you need to do to ensure that you're not at risk is to avoid unlawful downloads (such as cracked games or bots for games). It's also a good idea to be cautious and to use the best antivirus software, keep it updated, and scan every file you download. If you possess cryptocurrency, think about switching from a desktop wallet to a fully offline cold wallet.