Articles | InfoStealers
Approaching Infostealers Devs: a Brief Interview with MacSync (ex-mentalpositive)
September 4, 2025
To completely understand what’s going on in a market that has been growing in the last years, I found it mandatory to know which players are dominating it. Always remember that behind every user of the Internet there is another human like you, so if you can be kind enough to reach them and they agree, […]
How to Check if Your Company’s Domain Has Infostealer Infections
September 4, 2025
What is an Infostealer? An infostealer is a type of malware designed to stealthily extract sensitive information from infected devices. It operates in the background, collecting data such as login credentials, financial details, and personal information, which hackers can then use for identity theft, financial fraud, or selling on the dark web. These infections often […]
The Infostealer-to-APT Pipeline: How Stolen Diplomatic Credentials Fuel Cyber-Political Power Plays
August 31, 2025
With cyber espionage on the rise, opportunistic Infostealer malware, designed to harvest credentials indiscriminately, is being repurposed by Advanced Persistent Threat (APT) groups to devastating effect. Hudson Rock’s threat intelligence reveals a global wave of compromised Ministry of Foreign Affairs (MOFA) email accounts, from Saudi Arabia’s mofa.gov.sa to South Korea’s mail.mofa.go.kr, the United Arab Emirates’ […]
Atomic macOS Stealer now includes a backdoor for persistent access
July 8, 2025
Atomic macOS Stealer (AMOS), a popular piece of stealer malware for macOS, has just received a major update. For the first time, it’s being deployed with an embedded backdoor. This change allows attackers to maintain persistent access to a victim’s Mac, run arbitrary tasks from remote servers, and gain extended control over compromised machines. This […]
Infostealers – The Silent Data Thief [SINCON 2025]
July 7, 2025
At SINCON 2025 in Singapore, Leonid Rozenberg sat down with cyber journalist Jane Lo for a brief but powerful 15-minute interview that catches you up on the latest Infostealer-related threats, trends, and developments.
Hy-Vee Hacked: Infostealers Enable Stormous Group’s 53GB Atlassian Data Heist
June 24, 2025
In a cyberattack that underscores the destructive power of infostealer malware, Hy-Vee, a prominent U.S. supermarket chain, has been hit by a massive data breach courtesy of the Stormous ransomware group. The attackers claim they’ve infiltrated Hy-Vee’s Atlassian accounts, specifically Confluence and Jira, using stolen credentials. Hudson Rock traced these credentials back to various Infostealer […]
Paraguay’s Biggest Data Breach: Infostealers Fuel Massive 7.4M Citizen Data Leak
June 23, 2025
In a cybersecurity catastrophe that’s rocked Paraguay to its core, a staggering 7.4 million citizen records, nearly the entire population’s personally identifiable information (PII), have been leaked on the dark web. Evidence for the initial access which enabled this hack points to an Infostealer infection that compromised a government employee’s credentials, granting cybercriminals access to […]
16 Billion Credentials Leak: A Closer Look at the Hype and Reality Behind the “Massive” Data Dump
June 20, 2025
Recent reports of a 16 billion credentials leak have sparked widespread concern, with claims it’s one of the largest breaches ever. However, Hudson Rock’s analysis shows this “leak” is far less significant than suggested, consisting of recycled, outdated, and potentially fabricated data rather than a new breach. Here’s a clear breakdown of the incident and […]
Nobitex Breach: Infostealers Expose Critical Employee Credentials in Latest Crypto Exchange Hack
June 18, 2025
The cryptocurrency world has been rocked yet again, this time with the Nobitex exchange finding itself in the crosshairs of a sophisticated cyberattack. Reported earlier today, the Iranian crypto platform suffered a massive $81.7 million loss due to a hack claimed by the group “Gonjeshke Darande”, allegedly linked to Israel, which claims affiliation with Israel […]
Reports | InfoStealers
Infostealers Weekly Report: 2025-08-25 – 2025-09-01
September 1, 2025
InfoStealers Weekly Report – In this comprehensive report, we provide you with valuable insights into the most pressing threats facing organizations today. As cyberattacks continue to grow in complexity and scale, our mission is to equip you with the knowledge and tools needed to safeguard your sensitive information. Join us as we analyze the top […]
Infostealers Weekly Report: 2025-08-18 – 2025-08-25
August 25, 2025
InfoStealers Weekly Report – In this comprehensive report, we provide you with valuable insights into the most pressing threats facing organizations today. As cyberattacks continue to grow in complexity and scale, our mission is to equip you with the knowledge and tools needed to safeguard your sensitive information. Join us as we analyze the top […]
Infostealers Weekly Report: 2025-08-11 – 2025-08-18
August 18, 2025
InfoStealers Weekly Report – In this comprehensive report, we provide you with valuable insights into the most pressing threats facing organizations today. As cyberattacks continue to grow in complexity and scale, our mission is to equip you with the knowledge and tools needed to safeguard your sensitive information. Join us as we analyze the top […]
Infostealers Weekly Report: 2025-08-04 – 2025-08-11
August 11, 2025
InfoStealers Weekly Report – In this comprehensive report, we provide you with valuable insights into the most pressing threats facing organizations today. As cyberattacks continue to grow in complexity and scale, our mission is to equip you with the knowledge and tools needed to safeguard your sensitive information. Join us as we analyze the top […]
Infostealers Weekly Report: 2025-07-28 – 2025-08-04
August 4, 2025
InfoStealers Weekly Report – In this comprehensive report, we provide you with valuable insights into the most pressing threats facing organizations today. As cyberattacks continue to grow in complexity and scale, our mission is to equip you with the knowledge and tools needed to safeguard your sensitive information. Join us as we analyze the top […]
Infostealers Weekly Report: 2025-07-21 – 2025-07-28
July 28, 2025
InfoStealers Weekly Report – In this comprehensive report, we provide you with valuable insights into the most pressing threats facing organizations today. As cyberattacks continue to grow in complexity and scale, our mission is to equip you with the knowledge and tools needed to safeguard your sensitive information. Join us as we analyze the top […]
Infostealers Weekly Report: 2025-07-14 – 2025-07-21
July 21, 2025
InfoStealers Weekly Report – In this comprehensive report, we provide you with valuable insights into the most pressing threats facing organizations today. As cyberattacks continue to grow in complexity and scale, our mission is to equip you with the knowledge and tools needed to safeguard your sensitive information. Join us as we analyze the top […]
Techniques | InfoStealers
Formbook/xLoader
Formbook is an information-stealing malware, discovered in 2016, that is capable of stealing data entered into HTML website forms and logging keystrokes...
LummaC2 Stealer
Heatmap of instances of ATT&CK techniques for LummaC2 Stealer based on recent public CTI reporting (sources in Notes for each technique)...
Luca Stealer
Heatmap of instances of ATT&CK techniques for Luca Stealer based on recent public CTI reporting (sources in Notes for each technique)...
Python Dependency Stealer January 2023
Heatmap of instances of ATT&CK techniques for an information stealer discovered in January 2023 that achieves initial access via a malicious software dependency (a Python package)...
Aurora Stealer
Aurora is an information stealer advertised on underground forums beginning in September 2022 (it was previously advertised in a different form, as a botnet with different functionality...
DuckTail Stealer
Heatmap of instances of ATT&CK techniques for DuckTail Stealer based on recent public CTI reporting (sources in notes for each technique)...
RisePro Stealer
Heatmap of (sub)techniques mentioned in Sekoia.io's report "New RisePro Stealer distributed by the prominent PrivateLoader"...
Prynt Infostealer
Heatmap of instances of ATT&CK techniques referenced in recent, public CTI reporting around Prynt Infostealer (source links included in Notes per technique below)...
Rhadamanthys Stealer
Heatmap of instances of ATT&CK techniques for Rhadamanthys Stealer based on recent public CTI reporting (sources in notes for each technique)...
Erbium Stealer
Heatmap of instances of ATT&CK techniques for Erbium Stealer based on recent public CTI reporting (sources in notes for each technique)...