Cheana Stealer Targets VPN Users
"Researchers discovered a phishing website targeting individuals downloading VPN applications for Windows Linux and macOS. The site mimics the legitimate ""WarpVPN"" service and offers detailed installation instructions for each platform. The threat actor has created distinct stealer binaries for each operating system known as the Cheana Stealer which extracts sensitive data from victims machines. It targets cryptocurrency browser extensions standalone crypto wallets stored browser passwords login data cookies SSH keys macOS passwords and Keychain data."