Latest Information Stealer news

Malicious Microsoft VSCode extensions steal passwords, open remote shells

Cybercriminals are starting to target Microsoft's VSCode Marketplace, uploading three malicious Visual Studio extensions that Windows developers downloaded 46,600 times.
- Bill Toulas
- May 17, 2023
- 12:37 PM
- 1
The new info-stealing malware operations to watch out for

The information-stealing malware market is constantly evolving, with multiple malware operations competing for cybercriminal customers by promoting better evasion and increased ability to steal data from victims.
- Bill Toulas
- May 15, 2023
- 06:07 PM
- 0
Facebook disrupts new NodeStealer information-stealing malware

Facebook discovered a new information-stealing malware distributed on Meta called 'NodeStealer,' allowing threat actors to steal browser cookies to hijack accounts on the platform, as well as Gmail and Outlook accounts.
- Bill Toulas
- May 03, 2023
- 02:10 PM
- 1
New Atomic macOS info-stealing malware targets 50 crypto wallets

A new macOS information-stealing malware named 'Atomic' (aka 'AMOS') is being sold to cybercriminals via private Telegram channels for a subscription of $1,000 per month.
- Bill Toulas
- April 27, 2023
- 10:34 AM
- 0
EvilExtractor malware activity spikes in Europe and the U.S.

Researchers are seeing a rise in attacks spreading the EvilExtractor data theft tool, used to steal users' sensitive data in Europe and the U.S.
- Bill Toulas
- April 22, 2023
- 11:14 AM
- 0
Typhon info-stealing malware devs upgrade evasion capabilities

The developers of the Typhon info-stealer announced on a dark web forum that they have updated the malware to a major version they advertise as 'Typhon Reborn V2'
- Bill Toulas
- April 05, 2023
- 04:30 PM
- 0
New MacStealer macOS malware steals passwords from iCloud Keychain

A new info-stealing malware named MacStealer is targeting Mac users, stealing their credentials stored in the iCloud KeyChain and web browsers, cryptocurrency wallets, and potentially sensitive files.
- Bill Toulas
- March 27, 2023
- 01:16 PM
- 0
BlackGuard stealer now targets 57 crypto wallets, extensions

A new variant of the BlackGuard stealer has been spotted in the wild, featuring new capabilities like USB propagation, persistence mechanisms, loading additional payloads in memory, and targeting additional crypto wallets.
- Bill Toulas
- March 23, 2023
- 06:08 PM
- 0
Adobe Acrobat Sign abused to push Redline info-stealing malware

Cybercriminals are abusing Adobe Acrobat Sign, an online document signing service, to distribute info-stealing malware to unsuspecting users.
- Bill Toulas
- March 16, 2023
- 02:45 PM
- 0
YoroTrooper cyberspies target CIS energy orgs, EU embassies

A new threat actor named 'YoroTrooper' has been running cyber-espionage campaigns since at least June 2022, targeting government and energy organizations in Commonwealth of Independent States (CIS) countries.
- Bill Toulas
- March 14, 2023
- 10:56 AM
- 0
RIG Exploit Kit still infects enterprise users via Internet Explorer

The RIG Exploit Kit is undergoing its most successful period, attempting roughly 2,000 intrusions daily and succeeding in about 30% of cases, the highest ratio in the service's long operational history.
- Bill Toulas
- February 27, 2023
- 10:05 AM
- 0
PureCrypter malware hits govt orgs with ransomware, info-stealers

A threat actor has been targeting government entities with PureCrypter malware downloader that has been seen delivering multiple information stealers and ransomware strains.
- Bill Toulas
- February 25, 2023
- 10:16 AM
- 0
New S1deload Stealer malware hijacks Youtube, Facebook accounts

An ongoing malware campaign targets YouTube and Facebook users, infecting their computers with a new information stealer that will hijack their social media accounts and use their devices to mine for cryptocurrency.
- Sergiu Gatlan
- February 22, 2023
- 12:27 PM
- 0
New Stealc malware emerges with a wide set of stealing capabilities

A new information stealer called Stealc has emerged on the dark web gaining traction due to aggressive promotion of stealing capabilities and similarities with malware of the same kind like Vidar, Raccoon, Mars, and Redline.
- Bill Toulas
- February 20, 2023
- 04:27 PM
- 0
Devs targeted by W4SP Stealer malware in malicious PyPi packages

Five malicious packages were found on the Python Package Index (PyPI), stealing passwords, Discord authentication cookies, and cryptocurrency wallets from unsuspecting developers.
- Bill Toulas
- February 12, 2023
- 10:12 AM
- 0
Hackers use fake crypto job offers to push info-stealing malware

A campaign operated by Russian threat actors uses fake job offers to target Eastern Europeans working in the cryptocurrency industry, aiming to infect them with a modified version of the Stealerium malware named 'Enigma.'
- Bill Toulas
- February 09, 2023
- 04:34 PM
- 0
Hacker develops new 'Screenshotter' malware to find high-value targets

A new threat actor tracked as TA866 targets organizations in the United States and Germany with new custom malware to perform surveillance and data theft on infected systems.
- Bill Toulas
- February 09, 2023
- 12:39 PM
- 1
Russian hackers using new Graphiron information stealer in Ukraine

The Russian hacking group known as 'Nodaria' (UAC-0056) is using a new information-stealing malware called 'Graphiron' to steal data from Ukrainian organizations.
- Bill Toulas
- February 08, 2023
- 06:00 AM
- 3
Malicious ‘Lolip0p’ PyPi packages install info-stealing malware

A threat actor has uploaded to the PyPI (Python Package Index) repository three malicious packages that carry code to drop info-stealing malware on developers' systems.
- Bill Toulas
- January 16, 2023
- 11:41 AM
- 1
New Dark Pink APT group targets govt and military with custom malware

Attacks targeting government agencies and military bodies in multiple countries in the APAC region have been attributed to what appears to be a new advanced threat actor that leverages custom malware to steal confidential information.
- Bill Toulas
- January 11, 2023
- 02:00 AM
- 0