About the hub
The all-around infostealer hub.
InfoStealers.com is the public research, news and intel publication of Hudson Rock — a cybercrime intelligence company specialising in infostealer infections and the breaches they fuel.
Our mission is to give defenders, journalists and investigators a single place to follow the infostealer ecosystem: from the malware families that harvest credentials, to the marketplaces that resell them, to the ransomware groups that weaponise them weeks later.
The dataset
- Compromised machines 35,624,598
- Compromised employees 5,588,024
- Compromised Android devices 14,076,606
- Compromised domains 15,485,072
Live from Cavalier · refreshed every 5 minutes
What we publish
Four pillars, one ecosystem
Whether you investigate breaches, build defensive tooling, or just want to understand how a credential stolen on a personal Chrome profile ends up taking down a Fortune 500 — this hub is structured for you.
In-depth research & investigations
Long-form analysis of infostealer campaigns, ransomware crossover, supply-chain compromises, and incident response post-mortems — written by the Hudson Rock research team.
Browse 320 Weekly reports entries
Always-on threat telemetry
Top compromised domains, trending stealer families, country breakdowns, S&P 500 exposure and most-targeted apps. Refreshed every week.
Browse 20 Techniques entries
MITRE ATT&CK by family
Curated mapping of every active infostealer family to MITRE ATT&CK techniques and tactics, with source references for each finding.
Browse 47 Victims entries
Tracked breach disclosures
Documented breaches and incidents tied to upstream infostealer infections — credentials, sessions, cookies, employees and contractors.
Behind the publication
Powered by Hudson Rock
Hudson Rock is a cybercrime-intelligence company tracking infostealer infections at internet scale. Our researchers continuously index logs from underground markets, cybercrime forums, and Telegram channels, cross-referencing them against domains, employees, customers and end-users of the organizations we protect.
The findings, methodology and primary sources behind everything you read on this hub are produced by that same team.
- Free, public-good intelligence
  Everything published here is free to read, reference and cite. We share research because the defender community benefits from open intel.
- Reproducible and source-cited
  Every technical claim is linked to a primary source — vendor advisories, leaked dumps, paste sites or our own Cavalier dataset.
- Zero hype, zero FUD
  We do not publish unverified speculation, branded "advisories" with no IOCs, or breach claims we cannot confirm.
- Responsible disclosure
  Where a breach is unconfirmed or still under disclosure embargo, we redact and coordinate with the affected party before publishing.