Today > | 2 Medium vulnerabilities   -   You can now download lists of IOCs here!

Ailurophile: G DATA has sighted a new info stealer in the wild

Aug. 19, 2024, 1:59 p.m.

Description

G DATA has detected a novel information-stealing malware, dubbed 'Ailurophile Stealer'. It is a PHP-based stealer offered through a subscription model on its dedicated website. Customers utilize a web panel to generate customized malware variants, specifying features such as the malware name, icon, Telegram notification channel, and optional payload delivery. The stealer targets popular browsers and can pilfer autofill data, cookies, passwords, browsing history, credit card details, and cryptocurrency wallet information. It employs commercial virtualization software for execution and steals specific file types containing keywords suggestive of sensitive data. The malware has different components for various functionalities like process termination, data collection, and optional payload delivery with Windows Defender disabling capability.

Date

Published: Aug. 19, 2024, 1:39 p.m.

Created: Aug. 19, 2024, 1:39 p.m.

Modified: Aug. 19, 2024, 1:59 p.m.

Indicators

e04dbe0de745fc8026710034af6a00fc8dc38569440ce8ebebe74cd4dc0a6dc5

4d38d7c7161ccb08998f90079a565f32a296f1bf404001b9e6bbc4d4558d53fd

Attack Patterns

Ailurophile Stealer

T1600

T1548

T1552

T1114

T1555

T1554

T1564

T1083

T1056

T1003