Latest Info Stealer news

New Masad Stealer Malware Exfiltrates Crypto Wallets via Telegram

A new and actively distributed malware strain dubbed Masad Stealer steals files, browser information, and cryptocurrency wallet data from infected computers that get sent back to its masters using Telegram as a communication channel.
- Sergiu Gatlan
- September 27, 2019
- 03:27 PM
- 0
LokiBot Info-Stealer Used in Spear Phishing Attack on US Company

Security researchers discovered a malspam campaign distributing LokiBot information stealer payloads using phishing messages targeting the employees of a large U.S. manufacturing company.
- Sergiu Gatlan
- September 10, 2019
- 02:30 PM
- 0
PsiXBot Modular Malware Gets New Sextortion, Google DoH Upgrades

Security researchers discovered a new variant of the PsiXBot modular malware with a new sextortion module and designed to use Google's DNS over HTTPS (DoH) service to get command and control (C2) domain addresses.
- Sergiu Gatlan
- September 09, 2019
- 02:00 PM
- 0
Stealthy Android Trojan Spy Signs You Up For Premium Subscriptions

Security researchers discovered a new Android Trojan with malware dropper and spyware capabilities in 24 Google Play Store apps with more than 472,000 downloads in total.
- Sergiu Gatlan
- September 04, 2019
- 05:41 PM
- 0
Glupteba Malware Uses Bitcoin Blockchain to Update C2 Domains

A new variant of the Glupteba malware dropper is using the Bitcoin blockchain to fetch command and control (C2) server domains from Bitcoin transactions marked with OP_RETURN script opcodes.
- Sergiu Gatlan
- September 04, 2019
- 02:03 PM
- 0
Astaroth Trojan Uses Cloudflare Workers to Bypass AV Software

A new malicious campaign is actively distributing a new Astaroth Trojan variant by abusing the Cloudflare Workers serverless computing platform to avoid detection and block automated analysis attempts.
- Sergiu Gatlan
- September 02, 2019
- 02:48 PM
- 0
Hackers Use Fake NordVPN Website to Deliver Banking Trojan

The attackers who previously breached and abused the website of free multimedia editor VSDC to distribute the Win32.Bolik.2 banking Trojan have now switched their tactics.
- Sergiu Gatlan
- August 19, 2019
- 10:26 AM
- 2
Lokibot Uses Image Files to Hide Code for Unpacking Routine

The authors behind LokiBot info-stealer have turned to steganography to add a new layer of obfuscation, the researchers discovered in a recent variant of the malware.
- Ionut Ilascu
- August 07, 2019
- 03:32 AM
- 1
Microsoft Discovers Fileless Astaroth Trojan Campaign

A fileless malware campaign used by attackers to drop the information stealing Astaroth Trojan into the memory of infected computers was detected by Microsoft Defender ATP Research Team researchers.
- Sergiu Gatlan
- July 08, 2019
- 01:07 PM
- 4
Malspam Campaigns Use HawkEye Keylogger to Target Businesses

Attackers have been observed targeting businesses on a worldwide scale during the last two months with the HawkEye keylogger malware according to a report from IBM X-Force.
- Sergiu Gatlan
- May 27, 2019
- 12:20 PM
- 0
Malicious AutoHotkey Scripts Used to Steal Info, Remotely Access Systems

Attackers are targeting potential victims using a malicious AutoHotkey script to avoid detection and to steal information, to drop more payloads, and to remotely access compromised machines using TeamViewer.
- Sergiu Gatlan
- April 17, 2019
- 10:04 AM
- 0
New Info-stealer Baldr Emerges As a Reliable, Long-Term Player

An advanced breed of information stealer called Baldr is being peddled on cybercrime forums. It appears that it is in the running for the long haul as it relies on short development cycles to iron the wrinkles and get new capabilities.
- Ionut Ilascu
- April 09, 2019
- 11:14 AM
- 0
New Astaroth Trojan Variant Exploits Anti-Malware Software to Steal Info

A new Astaroth Trojan campaign targeting Brazil and European countries is currently exploiting the Avast antivirus and security software developed by GAS Tecnologia to steal information and load malicious modules.
- Sergiu Gatlan
- February 13, 2019
- 08:00 AM
- 0