It silently scans for the targeted files and browser databases.
Extracts stored passwords, cookies, and autofill data from popular browsers like Google Chrome, Opera, Brave, and Yandex . Mercurial Grabber.exe
Primarily uses Discord Webhooks to exfiltrate stolen data directly to an attacker-controlled Discord channel. Key Capabilities It silently scans for the targeted files and
Use reputable tools like Malwarebytes or Windows Defender to locate and remove the executable and its registry entries. Mercurial Grabber.exe
The file is the compiled output of an open-source information stealer (infostealer) originally published on GitHub in 2021. While its creators claimed it was for "educational purposes," it has been widely adopted by threat actors to steal personal data from gamers and casual web users.