Arkanix Stealer Targets Cryptocurrency And Browser Data

In October 2025, researchers discovered Arkanix Stealer, a MaaS infostealer advertised on dark web forums and coordinated via a Discord server. The malware included native C++ and Python implants, targeted 22 browsers, Telegram, Discord, VPNs and cryptocurrency wallets, and used configurable features updated from arkanix[.]pw; the affiliate program appears taken down at time of writing. The report provides indicators for detection and mitigation.