The Darker Side of Stealer Malware: A Consumer Nightmare

Falling victim to an infostealer, such as Redline, is arguably one of the biggest threats to consumers—individual users who might seem less lucrative targets compared to businesses. Traditional malware often targets enterprises, banking on their urgency to maintain operations and their capacity to pay hefty ransoms. Consumers, on the other hand, might find it more […]

The Rise of Infostealer Data in Propaganda and Fraud

What do Andrew Tate, a Pro-Palestine hacking group, and AnyDesk all have in common? For a while now, Infostealer credentials data has been used as a means for disinformation, propaganda, or to facilitate fraud. Here are some recent examples Hudson Rock was able to discover: 1. Haghjoyan Hacking Group Cyberwar Disinformation. Their Claim: On october […]

Exploring the Latest Mispadu Stealer Variant

Executive Summary Unit 42 researchers recently discovered activity attributed to Mispadu Stealer, a stealthy infostealer first reported in 2019. We found this activity as part of the Unit 42 Managed Threat Hunting offering. We discovered this threat activity while hunting for the SmartScreen CVE-2023-36025 vulnerability. When we hunted for exploitation of the CVE-2023-36025 vulnerability in […]

PONY | FAREIT. Stealer, Loader, and Botnet.

_OVERVIEW Pony (also known as Fareit or Siplog) is a malware categorized as a loader and stealer, although it is also used as a botnet, being a tool that has been used for more than 10 years and is still in use. This infamous malware continues to receive updates and can be purchased, and has […]

Infostealer Infections Lead to Hacking of Google, TikTok, and Meta Law Enforcement Systems

Edit 03/02/24 – ‘Tamagami’ reveals they also possess access to Kodex which enables EDR / Subpoena requests for services such as LinkedIn, Discord, Tinder, Binance, Coinbase, Chainlink, SendGrid, and others A worrying trend emerges as threat actors hack into the law enforcement systems of major organizations, gaining the ability to legally request personal details of […]

CrackedCantil: A Malware Symphony Breakdown

Malware is constantly evolving to become more evasive, destructive, efficient, and infectious. There are numerous families of malware, each with its own unique characteristics. These different families of malware can work together in a symphonious manner to deliver a powerful infection. For instance, the stealer malware can exfiltrate data before the ransomware encrypts the files.  […]

Hundreds Of Network Operators’ Credentials Found Circulating In Dark Web

Following a recent and highly disruptive cyberattack on telecom carrier Orange España the cybersecurity community needs to rethink its approach to safeguarding the digital identity of staff involved in network engineering and IT infrastructure management. Orange España is the second-largest mobile operator in Spain. In early January, an attacker going by the alias ‘Snow’ hijacked […]

Prioritizing cybercrime intelligence for effective decision-making in cybersecurity (Hudson Rock)

In this Help Net Security interview, Alon Gal, CTO at Hudson Rock, discusses integrating cybercrime intelligence into existing security infrastructures. Our discussion will cover a range of essential aspects, from the importance of continuous adaptation in cybersecurity strategies to practical advice for CISOs on enhancing threat detection and response capabilities. We’ll also explore the challenges of […]

Info Stealing Packages Hidden in PyPI

Affected platforms: All platforms where PyPI packages can be installedImpacted parties: Any individuals or institutions that have these malicious packages installedImpact: Leak of credentials, sensitive information, etc.Severity level: High The Python Package Index (PyPI) is an open repository of software packages developed by the Python community to help people quickly develop or update applications. While most of the packages […]

Top 5 Breaches Caused by Infostealer Infections

The rise of infostealer malware has become a serious challenge for organizations worldwide.  These sophisticated malware types are designed to stealthily infiltrate systems, extract sensitive information, and pave the way for more destructive cyberattacks.  The following cases, involving high-profile companies, underscore the critical importance of robust cybersecurity measures. These incidents not only highlight the vulnerabilities […]

Chae$ Chronicles: Version 4.1 Dedicated to Morphisec Researchers

In ongoing efforts to monitor and analyze emerging cyber threats, Morphisec Threat Labs has recently turned its focus to Chae$ 4.1, an update to the Chaes malware Infostealer series. This version introduces key updates, including an improved Chronod module, and features a unique aspect: a direct message to the Morphisec team within the source code. […]

infostealers-logo
favicon__1_ removebg-png

BE THE FIRST TO KNOW

Stay informed with the latest insights in our Infostealers weekly report.

Receive immediate notification if your email is involved in an infostealer infection.

No Spam, We Promise

favicon__1_ removebg-png

BE THE FIRST TO KNOW

Stay informed with the latest insights in our Infostealers weekly report.

Receive immediate notification if your email is involved in an infostealer infection.

No Spam, We Promise