This dangerous malware is written in Visual Basic 6.0, and costs less than a PS5 game — but poses a very real threat to your business
Summary
Researchers have unveiled DarkCloud, a $30 infostealer crafted in Visual Basic, capable of extracting credentials from browsers, email clients, and enterprise applications, raising significant concerns about cybersecurity and data protection.
Key Insights
What is Visual Basic 6.0 and why is it used in modern malware like DarkCloud?
Visual Basic 6.0 (VB6) is a legacy programming language from Microsoft, released in 1998, that compiles into native C/C++ applications using outdated runtime components, allowing DarkCloud to evade detection by modern antivirus tools while enabling credential theft from browsers, email clients, and more.[1][2][3]
What makes DarkCloud dangerous despite its low $30 cost?
DarkCloud is a potent infostealer that extracts credentials from browsers, email clients, FTP apps, cryptocurrency wallets, and enterprise tools, exfiltrates data via Telegram, SMTP, or FTP, and uses evasion tactics like string encryption and process injection, enabling attackers to access entire corporate networks.[1][2][3][7]
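A defender-side triage heuristic for the traits described above, added here as an example that is not from the original article or the researchers: it correlates constructed endpoint events to flag processes that loaded the VB6 runtime and also used one of the exfiltration channels named above (Telegram, SMTP, FTP). The event schema, sample paths and hostnames are assumptions; `msvbvm60.dll` (the standard VB6 runtime DLL) and `api.telegram.org` (the Telegram Bot API host) are not named on the page.

```python
from collections import defaultdict

VB6_RUNTIME = "msvbvm60.dll"            # runtime DLL loaded by VB6-built programs
TELEGRAM_HOSTS = {"api.telegram.org"}   # Telegram Bot API endpoint
EXFIL_PORTS = {21: "FTP", 25: "SMTP", 465: "SMTP", 587: "SMTP"}

# Constructed sample events; the schema (type/pid/image/module/host/port) is hypothetical.
SAMPLE_EVENTS = [
    {"type": "module_load", "pid": 4120, "image": r"C:\Users\a\AppData\Local\Temp\invoice.exe",
     "module": r"C:\Windows\SysWOW64\msvbvm60.dll"},
    {"type": "net_connect", "pid": 4120, "host": "api.telegram.org", "port": 443},
    {"type": "module_load", "pid": 988, "image": r"C:\Program Files (x86)\LegacyERP\erp.exe",
     "module": r"C:\Windows\SysWOW64\MSVBVM60.DLL"},
    {"type": "net_connect", "pid": 988, "host": "erp-db.corp.example", "port": 1433},
    {"type": "net_connect", "pid": 2256, "host": "smtp.corp.example", "port": 587},
    {"type": "module_load", "pid": 7001, "image": r"C:\Users\b\Downloads\quote.exe",
     "module": r"C:\Windows\SysWOW64\msvbvm60.dll"},
    {"type": "net_connect", "pid": 7001, "host": "ftp.files.example", "port": 21},
]

def find_suspects(events, allowed_images=()):
    """Return {pid: {"image", "channels"}} for VB6 processes seen on Telegram/SMTP/FTP."""
    allowed = {p.lower() for p in allowed_images}   # known-good legacy apps to skip
    vb6 = {}                       # pid -> image path of processes that loaded the VB6 runtime
    channels = defaultdict(set)    # pid -> exfiltration-capable channels observed
    for ev in events:
        if ev["type"] == "module_load":
            # Compare only the file name, case-insensitively.
            if ev["module"].lower().rsplit("\\", 1)[-1] == VB6_RUNTIME:
                vb6[ev["pid"]] = ev["image"]
        elif ev["type"] == "net_connect":
            if ev["host"].lower() in TELEGRAM_HOSTS:
                channels[ev["pid"]].add("Telegram")
            elif ev["port"] in EXFIL_PORTS:
                channels[ev["pid"]].add(EXFIL_PORTS[ev["port"]])
    # Join after the loop so event ordering does not matter.
    return {pid: {"image": img, "channels": sorted(channels[pid])}
            for pid, img in vb6.items()
            if channels.get(pid) and img.lower() not in allowed}

if __name__ == "__main__":
    for pid, hit in find_suspects(SAMPLE_EVENTS).items():
        print(pid, hit["image"], hit["channels"])
```

A hit is a lead for triage, not a verdict: legitimate legacy VB6 line-of-business tools that send mail or use FTP belong in `allowed_images`.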