Never download software from unofficial sources, especially those that ask you to disable your antivirus before running. Ransomware Roundup - DoDo and Proton | FortiGuard Labs

Mercurial Grabber is designed for "smash-and-grab" operations, focusing on the following targets:

Primarily uses Discord Webhooks to exfiltrate stolen data directly to an attacker-controlled Discord channel. Key Capabilities

Use reputable tools like Malwarebytes or Windows Defender to locate and remove the executable and its registry entries.

The stolen data is bundled and sent via an HTTP POST request to the attacker's Discord webhook. Risk Mitigation If you suspect an infection:

The user runs the .exe . It may show a fake error message or a simple GUI to appear legitimate.

Prioritize Discord, email, and gaming accounts. If you have 2FA enabled, your session tokens might still be at risk until you log out of all sessions.

Below is a technical breakdown of its typical behavior, delivery, and impact. Malware Type: Infostealer / Credential Grabber.