Shuyal Stealer: Advanced Infostealer Targeting 19 Browsers

Oct. 8, 2025, 4:40 p.m.

Description

Shuyal Stealer is a sophisticated infostealer malware targeting 19 different browsers. It conducts deep system reconnaissance, collecting detailed hardware information and user data. The malware disables Windows Task Manager, ensures persistence through startup folder insertion, and exfiltrates stolen data via a Telegram bot. Shuyal's capabilities include credential harvesting from multiple browsers, clipboard capture, screenshot taking, and Discord token theft. It employs evasion techniques like self-deletion and uses PowerShell for data compression. The malware's wide-ranging browser targets and extensive data collection make it a significant threat to user privacy and system security.

External References

https://www.pointwild.com/threat-intelligence/shuyal-stealer-advanced-infostealer-targeting-19-browsers
https://otx.alienvault.com/pulse/68e68278a0b8b21ac7e1edb7
Tags
evasion
powershell
infostealer
persistence
data exfiltration
system reconnaissance
telegram bot
browser targeting
2025-10-08
shuyal stealer

Date

  • Created: Oct. 8, 2025, 3:25 p.m.
  • Published: Oct. 8, 2025, 3:25 p.m.
  • Modified: Oct. 8, 2025, 4:40 p.m.

Indicators

  • https://api.telegram.org/bot7522684505:AAEODeii83B_nlpLi0bUQTnOtVdjc8yHfjQ/sendDocument?chat_id=-1002503889864]
Download all indicators here!

Attack Patterns

  • Shuyal Stealer