Articles | InfoStealers
- Exposing Information Stealers | Protecting Identities Online October 8, 2024Interview with Malware Protection expert Leonid Rozenberg with Hudson Rock (www.hudsonrock.com) on exposing information stealers, protecting identities online, hackers who sell vulnerabilities, and how to know if your identity is stolen. Check out Hudson Rock’s free tools available here – https://www.hudsonrock.com/threat-intelligence-cybercrime-tools The post Exposing Information Stealers | Protecting Identities Online appeared first on InfoStealers.
- FIN7 Hosting Honeypot Domains with Malicious AI DeepNude Generators – New Silent Push Research October 3, 2024Key findings Executive summary Silent Push Threat Analysts have observed the FIN7 group (aka Sangria Tempest) using new tactics in their malware and phishing attacks. We found that FIN7 has created at least seven websites serving malware to visitors looking to use an “AI Deepnude generator.” The threat group is also continuing to use browser […]
- Does the New Infostealer CAPTCHA Infection Actually Work? October 1, 2024In case you missed it, hackers have been utilizing a new technique to infect victims with Infostealers, it is done by setting a fake Captcha page that prompts the victim to paste a powershell command into their Windows Run which causes a Lumma Infostealer infection. But does it actually work? In reality, it works too […]
- Actor Uses Compromised Accounts, Customized Social Engineering to Target Transport and Logistics Firms with Malware September 25, 2024What happened Proofpoint researchers are tracking a cluster of activity targeting transportation and logistics companies in North America to deliver a variety of different malware payloads. Notably, this activity leverages compromised legitimate email accounts that belong to transportation and shipping companies. At this time, it is unclear how the actor achieves access to the compromised […]
- Sextortion Is About to Get Much Worse with Infostealers – A Red Flag for Victims September 23, 2024Sextortion schemes are about to take a much darker turn. With the rise of Infostealer malware, the game is changing. Hackers will no longer rely on fake threats or generic scare tactics like Google Street View images. Instead, they now have access to real victim data pulled straight from infected computers—data that includes sensitive browsing […]
- Infostealer Infected Computers Could Lead to Cybercriminal Arrests After Exchanges Takedown September 20, 2024German authorities recently took down 47 cryptocurrency exchanges used by ransomware groups, money launderers, and botnet operators. Although the domains have been seized, no arrests have been made so far. The real impact, however, might come from what was left behind. By examining the data from these domains through Hudson Rock’s cybercrime intelligence database, over […]
- Dissecting Lumma Malware: Analyzing the Fake CAPTCHA and Obfuscation Techniques – Part 2 September 18, 2024In Part 1 of our series on Lumma Stealer, we explored the initial attack vector through a fake CAPTCHA page. We observed how the malware deceives users into downloading and executing malicious payloads. In this second series, we delve deeper into the technical details of the Lumma Stealer’s loader, focusing on its obfuscation techniques and how it […]
- The journey into Mac OS infostealers September 18, 2024In the past weeks I interviewed some of the Mac OS malware operators that are most known in the wild. Mac OS infostealers are still a trend and a to-be-known thing that I started investigating thanks to the honest words of the people around these products, this couldn’t be possible without the insights of the […]
- Cybersecurity Researcher Loses £10,000 in Infostealer Financial DDoS Attack September 17, 2024Recently, Rasta Mouse, a well-known cybersecurity researcher and founder of Zero-Point Security Ltd, became the target of an alarming attack that resulted in a staggering loss of £10,000. This incident, which took place while he was selling cybersecurity courses through his company’s website, highlights a new dimension of financial DDoS attacks that combine elements of […]
Reports | InfoStealers
- Infostealers Weekly Report: 2024-10-07 – 2024-10-14 October 14, 2024InfoStealers Weekly Report – In this comprehensive report, we provide you with valuable insights into the most pressing threats facing organizations today. As cyberattacks continue to grow in complexity and scale, our mission is to equip you with the knowledge and tools needed to safeguard your sensitive information. Join us as we analyze the top […]
- Infostealers Weekly Report: 2024-09-30 – 2024-10-07 October 7, 2024InfoStealers Weekly Report – In this comprehensive report, we provide you with valuable insights into the most pressing threats facing organizations today. As cyberattacks continue to grow in complexity and scale, our mission is to equip you with the knowledge and tools needed to safeguard your sensitive information. Join us as we analyze the top […]
- Infostealers Weekly Report: 2024-09-23 – 2024-09-30 September 30, 2024InfoStealers Weekly Report – In this comprehensive report, we provide you with valuable insights into the most pressing threats facing organizations today. As cyberattacks continue to grow in complexity and scale, our mission is to equip you with the knowledge and tools needed to safeguard your sensitive information. Join us as we analyze the top […]
- Infostealers Weekly Report: 2024-09-16 – 2024-09-23 September 23, 2024InfoStealers Weekly Report – In this comprehensive report, we provide you with valuable insights into the most pressing threats facing organizations today. As cyberattacks continue to grow in complexity and scale, our mission is to equip you with the knowledge and tools needed to safeguard your sensitive information. Join us as we analyze the top […]
- Infostealers Weekly Report: 2024-09-09 – 2024-09-16 September 16, 2024InfoStealers Weekly Report – In this comprehensive report, we provide you with valuable insights into the most pressing threats facing organizations today. As cyberattacks continue to grow in complexity and scale, our mission is to equip you with the knowledge and tools needed to safeguard your sensitive information. Join us as we analyze the top […]
- Infostealers Weekly Report: 2024-09-02 – 2024-09-09 September 9, 2024InfoStealers Weekly Report – In this comprehensive report, we provide you with valuable insights into the most pressing threats facing organizations today. As cyberattacks continue to grow in complexity and scale, our mission is to equip you with the knowledge and tools needed to safeguard your sensitive information. Join us as we analyze the top […]
- Infostealers Weekly Report: 2024-08-26 – 2024-09-02 September 2, 2024InfoStealers Weekly Report – In this comprehensive report, we provide you with valuable insights into the most pressing threats facing organizations today. As cyberattacks continue to grow in complexity and scale, our mission is to equip you with the knowledge and tools needed to safeguard your sensitive information. Join us as we analyze the top […]
Techniques | InfoStealers
- Formbook/xLoaderFormbook is an information-stealing malware, discovered in 2016, that is capable of stealing data entered into HTML website forms and logging keystrokes... The post Formbook/xLoader appeared first on InfoStealers.
- LummaC2 StealerHeatmap of instances of ATT&CK techniques for LummaC2 Stealer based on recent public CTI reporting (sources in Notes for each technique)... The post LummaC2 Stealer appeared first on InfoStealers.
- Luca StealerHeatmap of instances of ATT&CK techniques for Luca Stealer based on recent public CTI reporting (sources in Notes for each technique)... The post Luca Stealer appeared first on InfoStealers.
- Python Dependency Stealer January 2023Heatmap of instances of ATT&CK techniques for an information stealer discovered in January 2023 that achieves initial access via a malicious software dependency (a Python package)... The post Python Dependency Stealer January 2023 appeared first on InfoStealers.
- Aurora StealerAurora is an information stealer advertised on underground forums beginning in September 2022 (it was previously advertised in a different form, as a botnet with different functionality... The post Aurora Stealer appeared first on InfoStealers.
- DuckTail StealerHeatmap of instances of ATT&CK techniques for DuckTail Stealer based on recent public CTI reporting (sources in notes for each technique)... The post DuckTail Stealer appeared first on InfoStealers.
- RisePro StealerHeatmap of (sub)techniques mentioned in Sekoia.io's report "New RisePro Stealer distributed by the prominent PrivateLoader"... The post RisePro Stealer appeared first on InfoStealers.
- Prynt InfostealerHeatmap of instances of ATT&CK techniques referenced in recent, public CTI reporting around Prynt Infostealer (source links included in Notes per technique below)... The post Prynt Infostealer appeared first on InfoStealers.
- Rhadamanthys StealerHeatmap of instances of ATT&CK techniques for Rhadamanthys Stealer based on recent public CTI reporting (sources in notes for each technique)... The post Rhadamanthys Stealer appeared first on InfoStealers.
- Erbium StealerHeatmap of instances of ATT&CK techniques for Erbium Stealer based on recent public CTI reporting (sources in notes for each technique)... The post Erbium Stealer appeared first on InfoStealers.