Articles | InfoStealers
- Hudson Rock’s Cybercrime and Threat Intelligence Researcher, Leonid Rozenberg, Shares Insights About Infostealers and Security (February 5, 2025): Hudson Rock has been the go-to source for all things cybersecurity and infosec updates. Be it offering dark web intelligence or finding one’s own data on breach forums, Hudson Rock has been a torch bearer, bringing the latest updates to people. TechNadu reached out to the company to know how they work, what powers them, […]
- CAPTCHA Chaos: From X Threads to Telegram (January 28, 2025): Cybercriminals are continuously evolving their tactics to exploit human behavior and trust. In one of the latest campaigns, attackers have weaponized fake CAPTCHA verification systems (tools typically used to verify a user’s legitimacy) to deliver malicious payloads. This campaign demonstrates an evolution from basic fake URL-based CAPTCHAs, seen in previous attacks, to a more sophisticated Telegram-based […]
- Information Stealer Masquerades as LDAPNightmare (CVE-2024-49113) PoC Exploit (January 18, 2025): In December 2024, two critical vulnerabilities in Microsoft’s Windows Lightweight Directory Access Protocol (LDAP) were addressed via Microsoft’s monthly Patch Tuesday release. Both vulnerabilities were deemed as highly significant due to the widespread use of LDAP in Windows environments: In this blog entry, we discuss a fake proof-of-concept (PoC) exploit for CVE-2024-49113 (aka LDAPNightmare) designed to lure security researchers […]
- How Cracks and Installers Bring Malware to Your Device (January 18, 2025): The increase of fake installers bundled with info stealers is a growing threat for users looking for pirated software. These malicious programs disguise themselves as legitimate applications, often appearing in search results or comments on platforms like GitHub. Unfortunately, many users fall prey to these tricks. The Trend Micro™ Managed XDR service frequently sees the […]
- Infostealer Logs to Fuel a New Wave of AWS Ransomware Attacks (January 14, 2025): Recent research from Halcyon has uncovered a novel approach by a threat actor, referred to as Codefinger, who is actively abusing Amazon Web Services (AWS) by leveraging its native features to facilitate ransomware attacks in the wild. This technique underlines a powerful shift in the cyber threat landscape: instead of exploiting infrastructure outside the victim’s cloud […]
- Information Stealer Masquerades as LDAPNightmare (CVE-2024-49113) PoC Exploit (January 13, 2025): In December 2024, two critical vulnerabilities in Microsoft’s Windows Lightweight Directory Access Protocol (LDAP) were addressed via Microsoft’s monthly Patch Tuesday release. Both vulnerabilities were deemed as highly significant due to the widespread use of LDAP in Windows environments: In this blog entry, we discuss a fake proof-of-concept (PoC) exploit for CVE-2024-49113 (aka LDAPNightmare) designed to lure security researchers […]
- Telefonica Breach: Infostealer Malware Opens Door for Social Engineering Tactics (January 11, 2025): Telefonica, a major telecommunications company, recently confirmed a breach in their internal ticketing system, which led to a significant data leak. The breach involved unauthorized access and extraction of sensitive information, including a vast amount of employee and operational data. Infostealer Malware and Social Engineering Tactics: New information has emerged indicating that the breach was […]
- “Can you try a game I made?” Fake Game Sites Lead to Information Stealers (January 5, 2025): The background and the IOCs for this blog were gathered by an Expert helper on our forums and Malwarebytes researchers. Our thanks go out to them. A new, malicious campaign is making the rounds online and it starts simple: Unwitting targets receive a direct message (DM) on a Discord server asking about their interest in […]
- Silent Threats, Strategic Insights: Harnessing Info Stealer Data for Better Decisions (January 2, 2025): The cybersecurity landscape is rife with challenges, but some threats are quieter, subtler, and deadlier. Info stealers, the silent operators of the malware world, have made headlines for their efficiency in siphoning off sensitive data. While their mechanics and prevalence are well-documented, the real question for decision-makers is not just what these threats are but how to effectively […]
Reports | InfoStealers
- Infostealers Weekly Report: 2025-01-27 – 2025-02-03 (February 3, 2025): InfoStealers Weekly Report – In this comprehensive report, we provide you with valuable insights into the most pressing threats facing organizations today. As cyberattacks continue to grow in complexity and scale, our mission is to equip you with the knowledge and tools needed to safeguard your sensitive information. Join us as we analyze the top […]
- Infostealers Weekly Report: 2025-01-20 – 2025-01-27 (January 27, 2025): InfoStealers Weekly Report – In this comprehensive report, we provide you with valuable insights into the most pressing threats facing organizations today. As cyberattacks continue to grow in complexity and scale, our mission is to equip you with the knowledge and tools needed to safeguard your sensitive information. Join us as we analyze the top […]
- Infostealers Weekly Report: 2025-01-13 – 2025-01-20 (January 20, 2025): InfoStealers Weekly Report – In this comprehensive report, we provide you with valuable insights into the most pressing threats facing organizations today. As cyberattacks continue to grow in complexity and scale, our mission is to equip you with the knowledge and tools needed to safeguard your sensitive information. Join us as we analyze the top […]
- Infostealers Weekly Report: 2025-01-06 – 2025-01-13 (January 13, 2025): InfoStealers Weekly Report – In this comprehensive report, we provide you with valuable insights into the most pressing threats facing organizations today. As cyberattacks continue to grow in complexity and scale, our mission is to equip you with the knowledge and tools needed to safeguard your sensitive information. Join us as we analyze the top […]
- Infostealers Weekly Report: 2024-12-30 – 2025-01-06 (January 6, 2025): InfoStealers Weekly Report – In this comprehensive report, we provide you with valuable insights into the most pressing threats facing organizations today. As cyberattacks continue to grow in complexity and scale, our mission is to equip you with the knowledge and tools needed to safeguard your sensitive information. Join us as we analyze the top […]
- Infostealers Weekly Report: 2024-12-23 – 2024-12-30 (December 30, 2024): InfoStealers Weekly Report – In this comprehensive report, we provide you with valuable insights into the most pressing threats facing organizations today. As cyberattacks continue to grow in complexity and scale, our mission is to equip you with the knowledge and tools needed to safeguard your sensitive information. Join us as we analyze the top […]
- Infostealers Weekly Report: 2024-12-16 – 2024-12-23 (December 23, 2024): InfoStealers Weekly Report – In this comprehensive report, we provide you with valuable insights into the most pressing threats facing organizations today. As cyberattacks continue to grow in complexity and scale, our mission is to equip you with the knowledge and tools needed to safeguard your sensitive information. Join us as we analyze the top […]
Techniques | InfoStealers
- Formbook/xLoader: Formbook is an information-stealing malware, discovered in 2016, that is capable of stealing data entered into HTML website forms and logging keystrokes...
- LummaC2 Stealer: Heatmap of instances of ATT&CK techniques for LummaC2 Stealer based on recent public CTI reporting (sources in Notes for each technique)...
- Luca Stealer: Heatmap of instances of ATT&CK techniques for Luca Stealer based on recent public CTI reporting (sources in Notes for each technique)...
- Python Dependency Stealer January 2023: Heatmap of instances of ATT&CK techniques for an information stealer discovered in January 2023 that achieves initial access via a malicious software dependency (a Python package)...
- Aurora Stealer: Aurora is an information stealer advertised on underground forums beginning in September 2022 (it was previously advertised in a different form, as a botnet with different functionality...
- DuckTail Stealer: Heatmap of instances of ATT&CK techniques for DuckTail Stealer based on recent public CTI reporting (sources in notes for each technique)...
- RisePro Stealer: Heatmap of (sub)techniques mentioned in Sekoia.io's report "New RisePro Stealer distributed by the prominent PrivateLoader"...
- Prynt Infostealer: Heatmap of instances of ATT&CK techniques referenced in recent, public CTI reporting around Prynt Infostealer (source links included in Notes per technique below)...
- Rhadamanthys Stealer: Heatmap of instances of ATT&CK techniques for Rhadamanthys Stealer based on recent public CTI reporting (sources in notes for each technique)...
- Erbium Stealer: Heatmap of instances of ATT&CK techniques for Erbium Stealer based on recent public CTI reporting (sources in notes for each technique)...