Infostealers Webinar – Hudson Rock

Learn about Infostealers through real-life breaches caused by Infostealer infections with Leonid Rozenberg, Hudson Rock’s Head of Partnerships & Integrations. To discover how your organization is impacted by Infostealer infections & get a free ethical disclosure, use Hudson Rock’s free tools – www.hudsonrock.com/are-you-compromised

Almost every cyber attack begins at a key ingredient: an Infostealer

Infostealers commit close to the perfect crime. They sneak into your computer, grab your logins, passwords, and anything of value, and then delete themselves on the way out — victims don’t even know they’ve been robbed. We talk to the alleged co-founder of the Meduza infostealer and to some of the people intent on stopping […]

Iluria Stealer; a Variant of Another Discord Stealer

Executive summary: At CYFIRMA, we are committed to offering up-to-date insights into prevalent threats and tactics employed by malicious actors who target organizations and individuals. The ‘Iluria Stealer’ is a new malware variant created by the same developer behind the Nikki Stealer, who uses the alias ‘Ykg’. Both share similar code with SonicGlyde; a Discord […]

Sapphire Werewolf polishes Amethyst stealer to attack over 300 companies

The adversaries use the open-source SapphireStealer to create their own malware for collecting employee authentication data from Russian companies. Since March 2024, the BI.ZONE Threat Intelligence team has been tracking the cluster of activity dubbed Sapphire Werewolf. The threat actor targets Russia’s industries, such as education, manufacturing, IT, defense, and aerospace engineering. Over 300 attacks were carried […]

A Catalog of Hazardous AV Sites – A Tale of Malware Hosting

Executive summary: In mid-April 2024, Trellix Advanced Research Center team members observed multiple fake AV sites hosting highly sophisticated malicious files such as APK, EXE and Inno setup installer that includes Spy and Stealer capabilities. Hosting malicious software through sites which look legitimate is predatory to general consumers, especially those who look to protect their […]

Botnets Are Dead, Long Live Infostealers (A Comparison)

The landscape of cyber threats has been shifting dramatically in recent years, with a notable transition from traditional botnets to a more insidious form of malware: Infostealers. According to Hudson Rock’s cybercrime intelligence database, which tracks historical data on Infostealer infections, there have been 27,500,000 recorded instances of these attacks. This staggering number highlights the growing […]

Analysis of APT attack cases targeting domestic companies using Dora RAT (Andariel Group)

AhnLab SEcurity intelligence Center (ASEC) recently confirmed cases of APT attacks by the Andariel group targeting domestic companies and institutions. The organizations identified as targets of the attack were domestic manufacturing companies, construction companies, and educational institutions, and backdoors as well as keyloggers, infostealers, and proxy tools were used in the attacks. It is believed […]

An Infostealer’s Brewin’: Cuckoo & AtomicStealer Get Creative

Summary: So far, 2024 really has been the year of the infostealer when it comes to macOS malware. Families like AtomicStealer, Cuckoo, and CloudJump are getting dumped like crazy from search engine ads and crack sites. This post examines a particularly sneaky typosquatting campaign that’s being used to deliver both AtomicStealer and Cuckoo. It makes […]

Initial Access Brokers, Infostealers, and Everything Between Them

Introduction: Hudson Rock recently shed light on how a compromised Citrix account without MFA was potentially used to deploy a devastating ransomware attack on Change Healthcare. This attack not only led to business disruption but also resulted in a ransom payment of $22 million. The likely cause was an employee being infected with Infostealing malware. To demonstrate […]

Identity Behind Massive Discord Spying Tool Revealed due to Infostealer Infection

This article aims to shed light on the identity behind a massive Discord spying tool and raise concerns about the possibility of private Discord data being accessed by hackers. Intro: A controversy surrounding the anonymously-run website spy.pet has recently made headlines, raising serious privacy concerns. The website is designed to enable anyone to access messages […]

Single Citrix Compromised Credential Results in $22,000,000 Ransom to Change Healthcare

In late February 2024, Change Healthcare suffered a devastating ransomware attack which led to major disruptions to the company’s platform, estimated at a staggering $872,000,000. The attack, which was carried out by the BlackCat ransomware group, also resulted in a $22,000,000 ransom payment. But how did this happen? In a testimony by Andrew Witty, Change Healthcare’s […]
