Ailurophile: G DATA has sighted a new info stealer in the wild
Aug. 19, 2024, 1:59 p.m.
Description
G DATA has detected a novel information-stealing malware, dubbed 'Ailurophile Stealer'. It is a PHP-based stealer offered through a subscription model on its dedicated website. Customers utilize a web panel to generate customized malware variants, specifying features such as the malware name, icon, Telegram notification channel, and optional payload delivery. The stealer targets popular browsers and can pilfer autofill data, cookies, passwords, browsing history, credit card details, and cryptocurrency wallet information. It employs commercial virtualization software for execution and steals specific file types containing keywords suggestive of sensitive data. The malware has different components for various functionalities like process termination, data collection, and optional payload delivery with Windows Defender disabling capability.
Date
Published: Aug. 19, 2024, 1:39 p.m.
Created: Aug. 19, 2024, 1:39 p.m.
Modified: Aug. 19, 2024, 1:59 p.m.
Indicators
e04dbe0de745fc8026710034af6a00fc8dc38569440ce8ebebe74cd4dc0a6dc5
4d38d7c7161ccb08998f90079a565f32a296f1bf404001b9e6bbc4d4558d53fd
Attack Patterns
Ailurophile Stealer
T1600
T1548
T1552
T1114
T1555
T1554
T1564
T1083
T1056
T1003