019

Check Point analysis details Styx Stealer, a Phemedrone-derived information stealer advertised commercially and capable of exfiltrating browser data, Telegram/Discord sessions, and cryptocurrency wallets; the operator STY1X suffered an OPSEC lapse leaking client and payment details and was linked to an Agent Tesla spam campaign via a reused Telegram bot token that exposed customer data and wallets.