Tag : infostealer

26 attack reports | 0 vulnerabilities

Attack Reports

| Title | Published | Tags | Description | Number of indicators |
|---|---|---|---|---|
| A SOC Team’s Guide to Detecting macOS Atomic Stealers | Sept. 13, 2024, 8:59 a.m. | | This article provides an analysis of the Atomic Infostealer malware family, which has been targeting macOS users throughout 2024.… | 3 |
| There's Something About CryptBot: Yet Another Silly Stealer | Sept. 11, 2024, 8:02 a.m. | | This report provides an in-depth technical analysis of a new variant of the CryptBot infostealer, dubbed Yet Another Silly Steale… | 13 |
| Atomic macOS Stealer leads sensitive data theft on macOS | Sept. 9, 2024, 11:16 a.m. | | The report discusses the Atomic macOS Stealer (AMOS), an infostealer malware targeting macOS systems. It is designed to steal sen… | 17 |
| Emansrepo Stealer: Multi-Vector Attack Chains | Sept. 4, 2024, 8:49 a.m. | | A Python infostealer named Emansrepo has been observed since November 2023, distributed via phishing emails containing fake purch… | 42 |
| Exploring AsyncRAT and Infostealer Plugin Delivery Through… | Sept. 2, 2024, 4:14 p.m. | | This analysis details an AsyncRAT infection observed in August 2024, delivered via email. The attack chain involves a Windows Scr… | 8 |
| A Comprehensive Analysis of Angry Stealer: Rage Stealer in a New Disguise | Aug. 28, 2024, 9:33 a.m. | | CYFIRMA's research team recently identified a sophisticated dropper binary designed to deploy an information stealer, dubbed 'Ang… | 2 |
| Decoding the Stealthy Memory-Only Malware | Aug. 23, 2024, 9:11 a.m. | | This intelligence report provides an in-depth analysis of a complex, multi-stage malware campaign called PEAKLIGHT. It details th… | 23 |
| Ailurophile: G DATA has sighted a new info stealer in the wild | Aug. 19, 2024, 1:39 p.m. | | G DATA has detected a novel information-stealing malware, dubbed 'Ailurophile Stealer'. It is a PHP-based stealer offered through… | 2 |
| Beyond the wail: deconstructing the BANSHEE infostealer | Aug. 16, 2024, 2:10 p.m. | | This analysis details the BANSHEE malware, a macOS-based infostealer that targets system information, browser data, and cryptocur… | 2 |
| Campaign uses infostealers and clippers for financial gain | Aug. 16, 2024, 8:21 a.m. | | Kaspersky has uncovered a complex malware campaign orchestrated by Russian-speaking cybercriminals. The threat actors create sub-… | 68 |
| InfoStealer Uses SwiftUI, OpenDirectory API to Capture Passwords | Aug. 9, 2024, 11:26 a.m. | | This report analyzes a new macOS stealer malware that leverages SwiftUI for password prompts and the OpenDirectory API for verify… | 1 |
| LummaC2 Malware Abusing the Game Platform 'Steam' | July 26, 2024, 8:25 a.m. | | The report investigates LummaC2, an infostealer malware actively distributed under the guise of illegal software. It highlights L… | 21 |
| RAFEL RAT, ANDROID MALWARE FROM ESPIONAGE TO RANSOMWARE OPERATIONS | June 20, 2024, 5:50 p.m. | | Check Point Research has identified multiple threat actors utilizing Rafel, an open-source remote administration tool (RAT). The … | 6 |
| Fickle Stealer Distributed via Multiple Attack Chain | June 20, 2024, 5:36 p.m. | | In May 2024, FortiGuard Labs observed a Rust-based stealer. In addition to its intricate code, the stealer is distributed using a… | 53 |
| New Agent Tesla Campaign Targeting Spanish-Speaking People | June 10, 2024, 11:24 a.m. | | This report analyzes a phishing campaign spreading a new Agent Tesla variant designed to infiltrate victims' computers and steal … | 6 |
| Fake Bahrain Government Android App Steals Personal Data Used for Financial Fraud | June 3, 2024, 11:21 a.m. | | An analysis by McAfee's Mobile Research Team uncovered an Android InfoStealer malware masquerading as a government service app in… | 14 |
| Analysis of APT Attack Cases Using Dora RAT Against Companies | May 30, 2024, 3:37 p.m. | | This analysis discusses an APT campaign by the Andariel threat group targeting Korean companies and educational institutions. The… | 7 |
| Unmasking AsukaStealer: The $80 Malware Threatening Digital Security | May 30, 2024, 3:19 p.m. | | AsukaStealer, a malware offered for $80 on a Russian cybercrime forum, is designed to infiltrate popular browsers and extract sen… | 4 |
| Threat actors ride the hype for newly released Arc browser | May 28, 2024, 5:43 p.m. | | The release of the Arc browser for Windows sparked interest among cyber criminals who quickly launched a malvertising campaign im… | 9 |
| Analysis of APT attack cases targeting domestic companies using Dora RAT (Andariel Group) | May 20, 2024, 10:20 a.m. | | AhnLab Security Intelligence Center (ASEC) recently confirmed that the Andariel group carried out APT attacks on domestic compani… | 10 |
| Profiling Trafficers: Cerberus | May 10, 2024, 9:02 a.m. | | This analysis delves into the activities of a group of malware operators known as Cerberus (formerly Amnesia) Team, who specializ… | 24 |
| macOS Cuckoo Stealer \| Ensuring Detection and Defense as New Samples Rapidly Emerge | May 10, 2024, 8:31 a.m. | | This analysis discusses the emergence of a new macOS malware family called 'Cuckoo Stealer', which acts as an infostealer and spy… | 4 |
| Malware: Behaves Like Cross Between Infostealer and Spyware | May 3, 2024, 10:31 a.m. | | On April 24, 2024, we found a previously undetected malicious Mach-O binary programmed to behave like a cross between spyware and… | 18 |
| Scaly Wolf’s new loader: the right tool for the wrong job | May 2, 2024, 2:48 p.m. | | The report analyzes a recent campaign by the Scaly Wolf threat group targeting organizations in Russia and Belarus. The group emp… | 23 |
| Eight Arms to Hold You: The Cuttlefish Malware | May 2, 2024, 1:50 p.m. | | The Black Lotus Labs team at Lumen Technologies is tracking a malware platform named Cuttlefish, targeting enterprise-grade small… | 40 |
| Distribution of Infostealer Made With Electron | April 30, 2024, 2:52 p.m. | | AhnLab Security Intelligence Center (ASEC) has discovered an Infostealer malware strain developed using the Electron framework, w… | 1 |