Fileless Python InfoStealer Targeting Exodus
Jan. 28, 2025, 3:30 p.m.
Description
A new Python-based info stealer targeting the Exodus crypto wallet has been discovered. This malware employs fileless techniques, clipboard monitoring, and keylogging to capture wallet passwords and sensitive data. It checks for the existence of 'passphrase.json' and, if not found, uses a keylogger to capture the victim's password when the Exodus password prompt appears. The malware compresses and exfiltrates stolen data in memory via Discord webhooks. It also implements clipboard monitoring to intercept potentially stored passwords. The script's sophisticated design includes password validation checks and targeted window detection for Exodus-related activities.
Date
- Created: Jan. 28, 2025, 10:59 a.m.
- Published: Jan. 28, 2025, 10:59 a.m.
- Modified: Jan. 28, 2025, 3:30 p.m.
Indicators
- 160f9f71ff722c4bad8bd9108c579f1cc585f0811fa2e9525de95e0fb2ba2aa0
Additional Information
- Finance