Formbook/xLoader
Formbook is an information-stealing malware, discovered in 2016, that is capable of stealing data entered into HTML website forms and logging keystrokes...
Techniques
Deep-dives into specific stealer families — capabilities, C2 infrastructure, evasion tradecraft, and detection guidance.
Heatmap of instances of ATT&CK techniques for LummaC2 Stealer based on recent public CTI reporting (sources in Notes for each technique)...
Heatmap of instances of ATT&CK techniques for Luca Stealer based on recent public CTI reporting (sources in Notes for each technique)...
Heatmap of instances of ATT&CK techniques for an information stealer discovered in January 2023 that achieves initial access via a malicious software dependency (a Python package)...
Aurora is an information stealer advertised on underground forums beginning in September 2022 (it was previously advertised in a different form, as a botnet with different…
Heatmap of instances of ATT&CK techniques for DuckTail Stealer based on recent public CTI reporting (sources in notes for each technique)...
Heatmap of (sub)techniques mentioned in Sekoia.io's report "New RisePro Stealer distributed by the prominent PrivateLoader"...
Heatmap of instances of ATT&CK techniques referenced in recent, public CTI reporting around Prynt Infostealer (source links included in Notes per technique below)...
Heatmap of instances of ATT&CK techniques for Rhadamanthys Stealer based on recent public CTI reporting (sources in notes for each technique)...
Heatmap of instances of ATT&CK techniques for Erbium Stealer based on recent public CTI reporting (sources in notes for each technique)...
Heatmap of instances of ATT&CK techniques for RecordBreaker Stealer based on recent public CTI reporting (sources in notes for each technique)...
Heatmap of instances of ATT&CK techniques for BlackGuard Stealer based on recent public CTI reporting (sources in notes for each technique)...