Distributed via phishing emails or "freeware" links in YouTube descriptions and Discord servers. Typical Infection Cycle
Extracts stored passwords, cookies, and autofill data from popular browsers like Google Chrome, Opera, Brave, and Yandex . Mercurial Grabber.exe
Collects machine info, including Windows product keys, IP addresses, hardware specs, and desktop screenshots. Distributed via phishing emails or "freeware" links in
Mercurial Grabber is designed for "smash-and-grab" operations, focusing on the following targets: and Yandex . Collects machine info
Use reputable tools like Malwarebytes or Windows Defender to locate and remove the executable and its registry entries.