🐝 W4SP Stealer 🐝
w4sp Stealer official source code, one of the best python stealer on the web
By @loTus04 and @billythegoat356
Features (Stealer)
Global
- Saved Passwords
- Brower Cookies
- Get PC information
- AntiVM – Trust Factor system, it wont send data if Gmail cookies arent’ found
- Data is send throught a Discord webhook
Discord
- Discord Tokens from browsers
- Discord Token from discord, discordcanary, discordPTBa
- Get all info on token (email, nitro/badge, rare friends)
Wallets
- Exodus Wallet
- Metamask Wallet
- Atomic Wallet
Gaming
- Steam Client
- Riot Client
- NationsGlory Client
Other
- Telegram Session
File Stealer
- It will search throught the pc for: saved passwords, 2fa codes, wallet keys and other sensitive information (idea came from Kiwi plugin on msf)
Features (Injector)
- brilliant persistance technique
- Invisible in TaskManger StartUP tab
- FUD
- Fully runs in background
- Hides the stealer very well
Few articles on W4SP (they where writen during beta-testing)
- securelist.com ~ Two more malicious Python packages in the PyPI
- securityweek.com ~ Security Firms Find Over 20 Malicious PyPI Packages Designed for Data Theft
- digismak.com ~ Criminals steal data by spoofing popular open source package
- darkreading.com ~ Whack-a-Mole: More Malicious PyPI Packages Spring Up Targeting Discord, Roblox