article featured image


Erbium is a new Malware-as-a-Service (MaaS) designed to steal login credentials and cryptocurrency wallets. The Malware circulates at the moment as fake cracks and cheats for known video games.

This new MaaS is embraced by affiliates due to its low price, receptive customer support, and broad capabilities.

Find More about Erbium

Erbium was first spotted on Russian forums by researchers at Cluster25 and Cyfirma earlier this year.

Its price went from $9 per week, in late August 2022, to $100 per month or $1000 per year, showing its growing popularity. Even so, Erbium’s cost is one-third of that of RedLine stealer, the malware commonly used by hackers until now.

All data is exfiltrated to the C2 via a built-in API system, while the operators get an overview of what has been stolen from each infected host on an Erbium dashboard.

The malware uses three URLs for connecting to the panel, including Discord’s Content Delivery Network (CDN), a platform that malware operators have heavily abused.


Erbium seems to be still developing but has already been identified in USA, France, Colombia, Spain, Italy, India, Vietnam, and Malaysia.

Erbium, A New InfoStealer Malware on the Market


What is Erbium After

The information-stealing malware is versatile and is after different types of data stored on your device, like:

  • data saved in web browsers like passwords, cookies, credit cards, and autofill information
  • information from cryptocurrency browser wallets
  • information from cryptocurrency desktop wallets (Exodus, Atomic, Armory, Bitcoin-Core, Bytecoin, Dash-Core, Electrum, Electron, Coinomi, Ethereum, Litecoin-Core, Monero-Core, Zcash, and Jaxx)
  • two-factor authentication codes generated by Trezor Password Manager, EOS Authenticator, Authy 2FA, and Authenticator 2FA
  • screenshots from any monitor
  • tokens from Steam and Discord
  • Telegram auth files

To stay safe online, use a few simple cybersecurity measures like avoiding any non-legitimate software, using an antivirus, and updating all your apps and systems.

If you liked this article, follow us on LinkedInTwitterFacebookYoutube, and Instagram for more cybersecurity news and topics.

Author Profile

Andreea Chebac

Digital Content Creator

Andreea is a digital content creator within Heimdal® with a great belief in the educational power of content. A literature-born cybersecurity enthusiast (through all those SF novels…), she loves to bring her ONG, cultural, and media background to this job.

Leave a Reply

Your email address will not be published. Required fields are marked *