RSS Articles | InfoStealers
  • Infostealers Webinar – Hudson Rock June 19, 2024
    Learn about Infostealers with actual real life breaches caused by Infostealer infections with Leonid Rozenberg, Hudson Rock’s Head of Partnerships & Integrations. To discover how your organization is impacted by Infostealer infections & get a free ethical disclosure, use Hudson Rock’s free tools – www.hudsonrock.com/are-you-compromised The post Infostealers Webinar – Hudson Rock appeared first on […]
  • Almost every cyber attack begins at a key ingredient: an Infostealer June 19, 2024
    Infostealers commit close to the perfect crime. They sneak into your computer, grab your logins, passwords, and anything of value, and then delete themselves on the way out — victims don’t even know they’ve been robbed. We talk to the alleged co-founder of the Meduza infostealer and to some of the people intent on stopping […]
  • Stealing everything you’ve ever typed or viewed on your own Windows PC is now possible with two lines of code — inside the Copilot+ Recall disaster. June 8, 2024
    I wrote a piece recently about Copilot+ Recall, a new Microsoft Windows 11 feature which — in the words of Microsoft CEO Satya Nadella- takes “screenshots” of your PC constantly, and makes it into an instantly searchable database of everything you’ve ever seen. As he says, it is photographic memory of your PC life. I got […]
  • Iluria Stealer; a Variant of Another Discord Stealer June 8, 2024
    EXECUTIVE SUMMARY At CYFIRMA, we are committed to offering up-to-date insights into prevalent threats and tactics employed by malicious actors who target organizations and individuals. The ‘Iluria Stealer’ is a new malware variant created by the same developer behind the Nikki Stealer, who uses the alias ‘Ykg”. Both share similar code with SonicGlyde; a discord […]
  • Sapphire Werewolf polishes Amethyst stealer to attack over 300 companies June 8, 2024
    The adversaries use the open-source SapphireStealer to create their own malware for collecting employee authentication data from Russian companies Since March 2024, the BI.ZONE Threat Intelligence team has been tracking the cluster of activity dubbed Sapphire Werewolf. The threat actor targets Russia’s industries, such as education, manufacturing, IT, defense, and aerospace engineering. Over 300 attacks were carried […]
  • A Catalog of Hazardous AV Sites – A Tale of Malware Hosting May 29, 2024
    Executive summary In mid-April 2024, Trellix Advanced Research Center team members observed multiple fake AV sites hosting highly sophisticated malicious files such as APK, EXE and Inno setup installer that includes Spy and Stealer capabilities. Hosting malicious software through sites which look legitimate is predatory to general consumers, especially those who look to protect their […]
  • Botnets Are Dead, Long Live Infostealers (A Comparison) May 24, 2024
    The landscape of cyber threats has been shifting dramatically in recent years, with a notable transition from traditional botnets to a more insidious form of malware: Infostealers. According to Hudson Rock’s cybercrime intelligence database, which tracks historical data on Infostealer infections, there have been 27,500,000 recorded instances of these attacks. This staggering number highlights the growing […]
  • Analysis of APT attack cases targeting domestic companies using Dora RAT (Andariel Group) May 20, 2024
    AhnLab SEcurity intelligence Center (ASEC) recently confirmed cases of APT attacks by the Andariel group targeting domestic companies and institutions. The organizations identified as targets of the attack were domestic manufacturing companies, construction companies, and educational institutions, and backdoors as well as keyloggers, infostealers, and proxy tools were used in the attacks. It is believed […]
  • An Infostealer’s Brewin’: Cuckoo & AtomicStealer Get Creative May 17, 2024
    Summary So far, 2024 really has been the year of the infostealer when it comes to macOS malware. Families like AtomicStealer, Cuckoo, and CloudJump are getting dumped like crazy from search engine ads and crack sites. This post examines a particularly sneaky typosquatting campaign that’s being used to deliver both AtomicStealer and Cuckoo. It makes […]
RSS Reports | InfoStealers
  • Infostealers Weekly Report: 2024-06-10 – 2024-06-17 June 17, 2024
    InfoStealers Weekly Report – In this comprehensive report, we provide you with valuable insights into the most pressing threats facing organizations today. As cyberattacks continue to grow in complexity and scale, our mission is to equip you with the knowledge and tools needed to safeguard your sensitive information. Join us as we analyze the top […]
  • Infostealers Weekly Report: 2024-05-27 – 2024-06-03 June 3, 2024
    InfoStealers Weekly Report – In this comprehensive report, we provide you with valuable insights into the most pressing threats facing organizations today. As cyberattacks continue to grow in complexity and scale, our mission is to equip you with the knowledge and tools needed to safeguard your sensitive information. Join us as we analyze the top […]
  • Infostealers Weekly Report: 2024-05-20 – 2024-05-27 May 27, 2024
    InfoStealers Weekly Report – In this comprehensive report, we provide you with valuable insights into the most pressing threats facing organizations today. As cyberattacks continue to grow in complexity and scale, our mission is to equip you with the knowledge and tools needed to safeguard your sensitive information. Join us as we analyze the top […]
  • Infostealers Weekly Report: 2024-05-13 – 2024-05-20 May 20, 2024
    InfoStealers Weekly Report – In this comprehensive report, we provide you with valuable insights into the most pressing threats facing organizations today. As cyberattacks continue to grow in complexity and scale, our mission is to equip you with the knowledge and tools needed to safeguard your sensitive information. Join us as we analyze the top […]
  • Infostealers Weekly Report: 2024-05-06 – 2024-05-13 May 13, 2024
    InfoStealers Weekly Report – In this comprehensive report, we provide you with valuable insights into the most pressing threats facing organizations today. As cyberattacks continue to grow in complexity and scale, our mission is to equip you with the knowledge and tools needed to safeguard your sensitive information. Join us as we analyze the top […]
  • Infostealers Weekly Report: 2024-04-29 – 2024-05-06 May 6, 2024
    InfoStealers Weekly Report – In this comprehensive report, we provide you with valuable insights into the most pressing threats facing organizations today. As cyberattacks continue to grow in complexity and scale, our mission is to equip you with the knowledge and tools needed to safeguard your sensitive information. Join us as we analyze the top […]
  • Infostealers Weekly Report: 2024-04-22 – 2024-04-29 April 29, 2024
    InfoStealers Weekly Report – In this comprehensive report, we provide you with valuable insights into the most pressing threats facing organizations today. As cyberattacks continue to grow in complexity and scale, our mission is to equip you with the knowledge and tools needed to safeguard your sensitive information. Join us as we analyze the top […]
RSS Techniques | InfoStealers
  • Formbook/xLoader
    Formbook is an information-stealing malware, discovered in 2016, that is capable of stealing data entered into HTML website forms and logging keystrokes... The post Formbook/xLoader appeared first on InfoStealers.
  • LummaC2 Stealer
    Heatmap of instances of ATT&CK techniques for LummaC2 Stealer based on recent public CTI reporting (sources in Notes for each technique)... The post LummaC2 Stealer appeared first on InfoStealers.
  • Luca Stealer
    Heatmap of instances of ATT&CK techniques for Luca Stealer based on recent public CTI reporting (sources in Notes for each technique)... The post Luca Stealer appeared first on InfoStealers.
  • Python Dependency Stealer January 2023
    Heatmap of instances of ATT&CK techniques for an information stealer discovered in January 2023 that achieves initial access via a malicious software dependency (a Python package)... The post Python Dependency Stealer January 2023 appeared first on InfoStealers.
  • Aurora Stealer
    Aurora is an information stealer advertised on underground forums beginning in September 2022 (it was previously advertised in a different form, as a botnet with different functionality... The post Aurora Stealer appeared first on InfoStealers.
  • DuckTail Stealer
    Heatmap of instances of ATT&CK techniques for DuckTail Stealer based on recent public CTI reporting (sources in notes for each technique)... The post DuckTail Stealer appeared first on InfoStealers.
  • RisePro Stealer
    Heatmap of (sub)techniques mentioned in Sekoia.io's report "New RisePro Stealer distributed by the prominent PrivateLoader"... The post RisePro Stealer appeared first on InfoStealers.
  • Prynt Infostealer
    Heatmap of instances of ATT&CK techniques referenced in recent, public CTI reporting around Prynt Infostealer (source links included in Notes per technique below)... The post Prynt Infostealer appeared first on InfoStealers.
  • Rhadamanthys Stealer
    Heatmap of instances of ATT&CK techniques for Rhadamanthys Stealer based on recent public CTI reporting (sources in notes for each technique)... The post Rhadamanthys Stealer appeared first on InfoStealers.
  • Erbium Stealer
    Heatmap of instances of ATT&CK techniques for Erbium Stealer based on recent public CTI reporting (sources in notes for each technique)... The post Erbium Stealer appeared first on InfoStealers.
infostealers-logo
favicon__1_ removebg-png

BE THE FIRST TO KNOW

Stay informed with the latest insights in our Infostealers weekly report.

Receive immediate notification if your email is involved in an infostealer infection.

No Spam, We Promise

favicon__1_ removebg-png

BE THE FIRST TO KNOW

Stay informed with the latest insights in our Infostealers weekly report.

Receive immediate notification if your email is involved in an infostealer infection.

No Spam, We Promise