infostealer

Strela Stealer targets Central and Southwestern Europe through Stealthy Execution via WebDAV

infostealer, Malware /

Strela Stealer targets Central and Southwestern Europe through Stealthy Execution via WebDAV 2024-10-30 at 15:05 By rohansinhacyblecom Key Takeaways Executive Summary Strela Stealer, first identified by DCSO in late 2022, is a type of information-stealing malware primarily designed to exfiltrate email account credentials from widely used email clients, including Microsoft Outlook and Mozilla Thunderbird. This malware […]

React to this headline:

Loading spinner

Strela Stealer targets Central and Southwestern Europe through Stealthy Execution via WebDAV Read More »

FatalRAT’s New Prey: Cryptocurrency Users in the Crosshairs

Cryptocurrency, infostealer /

FatalRAT’s New Prey: Cryptocurrency Users in the Crosshairs 2024-04-11 at 12:46 By neetha871ad236bd Key Takeaways Overview CRIL has recently uncovered a sophisticated phishing campaign that specifically targets cryptocurrency users, with a notable emphasis on users of the Exodus platform. In this intricate scheme, threat actors (TAs) have employed a deceptive website meticulously designed to mimic

React to this headline:

Loading spinner

FatalRAT’s New Prey: Cryptocurrency Users in the Crosshairs Read More »

Uncovering Atomic Stealer (AMOS) Strikes and the Rise of Dead Cookies Restoration

infostealer, Malware, phishing /

Uncovering Atomic Stealer (AMOS) Strikes and the Rise of Dead Cookies Restoration 2024-01-25 at 15:01 By neetha871ad236bd CRIL analyzes an ongoing phishing campaign spreading an updated version of Atomic Stealer targeting Mac users. The post Uncovering Atomic Stealer (AMOS) Strikes and the Rise of Dead Cookies Restoration appeared first on Cyble. The post Uncovering Atomic

React to this headline:

Loading spinner

Uncovering Atomic Stealer (AMOS) Strikes and the Rise of Dead Cookies Restoration Read More »

Protected: Uncovering Atomic Stealer (AMOS) Strikes and the Cookie Resurgence Trend 

infostealer, Malware, phishing /

Protected: Uncovering Atomic Stealer (AMOS) Strikes and the Cookie Resurgence Trend  2024-01-25 at 13:16 By neetha871ad236bd There is no excerpt because this is a protected post. The post Protected: Uncovering Atomic Stealer (AMOS) Strikes and the Cookie Resurgence Trend  appeared first on Cyble. The post Protected: Uncovering Atomic Stealer (AMOS) Strikes and the Cookie Resurgence

React to this headline:

Loading spinner

Protected: Uncovering Atomic Stealer (AMOS) Strikes and the Cookie Resurgence Trend  Read More »

Cyber Espionage Attack on the Indian Air Force: Go-Based Infostealer Exploits Slack for Data Theft

infostealer, Malware /

Cyber Espionage Attack on the Indian Air Force: Go-Based Infostealer Exploits Slack for Data Theft 2024-01-17 at 12:01 By cybleinc Cyber Espionage Attack on the Indian Air Force: Go-Based Infostealer Exploits Slack for Data Theft Key Takeaways Cyble Research and Intelligence Labs (CRIL) identified a Go Stealer variant potentially targeting the Indian Air Force. The

React to this headline:

Loading spinner

Cyber Espionage Attack on the Indian Air Force: Go-Based Infostealer Exploits Slack for Data Theft Read More »

Decoding qBit Stealer’s Source Release and Data Exfiltration Prowess

Golang, infostealer, Malware, qBit Stealer, RaaS, Ransomware-as-a-Service /

Decoding qBit Stealer’s Source Release and Data Exfiltration Prowess 2023-12-28 at 12:47 By cybleinc CRIL investigates the source code of qBit – which has recently appeared on a cybercrime forum – delving into its exfiltration capabilities. The post Decoding qBit Stealer’s Source Release and Data Exfiltration Prowess appeared first on Cyble. This article is an

React to this headline:

Loading spinner

Decoding qBit Stealer’s Source Release and Data Exfiltration Prowess Read More »

New Persian Remote World Selling  a Suite of Malicious Tools

All, infostealer, Keylogger, Malware, Persian Loader, Persian RAT, Persian Remote, Persian X Loader, trojan /

New Persian Remote World Selling  a Suite of Malicious Tools 23/11/2023 at 11:46 By cybleinc CRIL analyzes a new website – Persian Remote World – selling malicious software, including RATs and Malware loaders, for monetary gain. The post New Persian Remote World Selling  a Suite of Malicious Tools appeared first on Cyble. This article is

React to this headline:

Loading spinner

New Persian Remote World Selling  a Suite of Malicious Tools Read More »

New Java-Based Rude Stealer abuses DirectX Diagnostic Tool

Discord, infostealer, Java, Malware, Rude Stealer, Steam, Telegram, Windows /

New Java-Based Rude Stealer abuses DirectX Diagnostic Tool 20/11/2023 at 14:31 By cybleinc CRIL analyzes Rude Stealer – a Java-based stealer capable of exfiltrating a wide range of information from infected systems. The post New Java-Based Rude Stealer abuses DirectX Diagnostic Tool appeared first on Cyble. This article is an excerpt from Cyble View Original

React to this headline:

Loading spinner

New Java-Based Rude Stealer abuses DirectX Diagnostic Tool Read More »

Fileless Pure Clipper Malware: Italian users in the crosshairs

Alibaba2044, Bitcoin, Clipper, Cryptowallets, Ethereum, infostealer, Italy, Malware, phishing, Pure Clipper, PureLoader, PureLogs /

Fileless Pure Clipper Malware: Italian users in the crosshairs 18/10/2023 at 15:18 By cybleinc Key Takeaways Overview In a recent investigation, the CRIL found an operation orchestrated by a Threat Actor (TA) through a deceptive phishing site that imitated the official Tor Project website. The TA was spreading Pure Clipper in this operation. Clipper is

React to this headline:

Loading spinner

Fileless Pure Clipper Malware: Italian users in the crosshairs Read More »

Tatar-Language Users in the Crosshairs of Python Screenshotter

FTP, infostealer, Malware, PowerShell, Python, RAR File, ScreenShotter, TA866, Tatar /

Tatar-Language Users in the Crosshairs of Python Screenshotter 14/09/2023 at 20:17 By rohansinhacyblecom Key Takeaways • Cyble Research and Intelligence Labs (CRIL) came across Python malware capturing screenshots and sending them over FTP to remote attackers.• Proofpoint has observed similar campaigns in the recent past targeting the United States and Germany, with the perpetrator tracked

React to this headline:

Loading spinner

Tatar-Language Users in the Crosshairs of Python Screenshotter Read More »

AgentTesla Malware Targets Users with Malicious Control Panel File

AgentTesla, infostealer, Malware /

AgentTesla Malware Targets Users with Malicious Control Panel File 09/08/2023 at 22:02 By cybleinc Cyble Research and Intelligence Labs analyzes the distribution method of AgentTesla malware using malicious control panel files. The post AgentTesla Malware Targets Users with Malicious Control Panel File appeared first on Cyble. This article is an excerpt from Cyble View Original

React to this headline:

Loading spinner

AgentTesla Malware Targets Users with Malicious Control Panel File Read More »

Fabricated Microsoft Crypto Wallet Phishing Site Spreads Infostealer

AntiVM, Chrome, Clipper, Clipper Malware, Crypto wallet, Cryptocurrency, cybercriminals, Electrum, GitHub, GravityRAT, IBAN, infostealer, Luca Stealer, Malware, Microsoft, Opera, phishing, phishing attack, Threat Actors, Threat Intelligence /

Fabricated Microsoft Crypto Wallet Phishing Site Spreads Infostealer 21/07/2023 at 19:19 By cybleinc Cyble Research and Intelligence Labs analyzes Threat Actors spreading Luca Stealer disguised as a beta version of Microsoft Crypto Wallet. The post Fabricated Microsoft Crypto Wallet Phishing Site Spreads Infostealer appeared first on Cyble. This article is an excerpt from Cyble View

React to this headline:

Loading spinner

Fabricated Microsoft Crypto Wallet Phishing Site Spreads Infostealer Read More »

Legion Stealer targeting PUBG players

Chromium, Cryptowallets, GitHub, infostealer, Legion Stealer, Minecraft, PlayerUnknown's Battlegrounds, PUBG, Roblox, Solution File /

Legion Stealer targeting PUBG players 11/07/2023 at 12:09 By cybleinc CRIL analyzes how a fake PUBG Bypass Hack GitHub Repository serves as a gateway for Legion Stealer malware distribution. The post Legion Stealer targeting PUBG players appeared first on Cyble. This article is an excerpt from Cyble View Original Source React to this headline:

React to this headline:

Loading spinner

Legion Stealer targeting PUBG players Read More »

Cloud Mining Scam Distributes Roamer Banking Trojan

AB Ditizen, ACB One, and NFTS, Android, App store, Banking applications, Banking Trojan, Binance, Cloud Mining, CloudMining.apk, crypto mining, Cryptocurrency, cybercrime, darkweb, data breach, Data leak, ETH, Ethereum, fake app, Google Play, HDFC Bank Mobile Banking App, infostealer, Malware, MB Bank, Monero, MSB mBank, phishing, PV Mobile Banking, Roamer, SCB Mobile Banking, Telegram, Threat Intelligence, VCB Digibank, VietinBank iPay, XMR /

Cloud Mining Scam Distributes Roamer Banking Trojan 14/06/2023 at 16:35 By cybleinc Cyble analyzes a cloud mining scam leveraging phishing to distribute the Roamer banking trojan, targeting Android Crypto wallets and banking applications, aiming to steal sensitive information. The post Cloud Mining Scam Distributes Roamer Banking Trojan appeared first on Cyble. This article is an

React to this headline:

Loading spinner

Cloud Mining Scam Distributes Roamer Banking Trojan Read More »

Over 45 thousand Users Fell Victim to Malicious PyPI Packages

All, Creal Stealer, Credit card, darkweb, Discord Webhook, Evilpip, GitHub, Google Chrome, Hazard Token Grabber, HTTP GET, infostealer, KEKW, Malware, phishing, PyPI, Python Package Index, Python Packages, Reaquests, Requests, Third party software, Threat Actors, Threat Intelligence, Tikcock Grabber, W4SP Stealer /

Over 45 thousand Users Fell Victim to Malicious PyPI Packages 09/06/2023 at 12:31 By cybleinc Through the analysis of more than 160 malicious Python packages, CRIL reveals insights into the threat landscape associated with Python packages. The post Over 45 thousand Users Fell Victim to Malicious PyPI Packages appeared first on Cyble. This article is

React to this headline:

Loading spinner

Over 45 thousand Users Fell Victim to Malicious PyPI Packages Read More »

Ducktail Malware Focuses on Targeting HR and Marketing Professionals

Avalon Organics, Brave Browser, cybercrime, darkweb, Data leak, Dropbox, DuckTail, fake app, Google Chrome, Human Resources, infostealer, L'Oreal, Malware, Marketing, Microsoft Edge, Mozilla Firefox, NIVEA, Olay /

Ducktail Malware Focuses on Targeting HR and Marketing Professionals 17/05/2023 at 15:37 By cybleinc CRIL analyzes DuckTail, a malware infostealer actively targeting HR and Marketing executives to exploit their Social Media Business Accounts. The post Ducktail Malware Focuses on Targeting HR and Marketing Professionals appeared first on Cyble. This article is an excerpt from Cyble

React to this headline:

Loading spinner

Ducktail Malware Focuses on Targeting HR and Marketing Professionals Read More »

Scroll to Top