infostealer

  • Blog

    Dragging your feet on Windows 11 migration? Rising infostealer threats might change that

    With the clock ticking down to the Windows 10 end of life (EOL) deadline in October, organizations are dragging their feet on Windows 11 migration – and leaving their devices vulnerable as a result. New data from threat exposure management platform NordStellar shows that nearly six-in-ten systems affected by infostealers in December last year are still running Windows 10. “The…

  • Blog

    Infostealer malware: What’s the threat to businesses?

    Infostealers have been around for some time but recently they’ve been making headlines. This targeted malware, created to compromise the systems of victims and exfiltrate sensitive information, is on the rise and poses an active threat to all businesses. A recent report found that infostealers exposed billions of credentials in 2024, with KELA Cyber Threat Intelligence measuring 4.3 million machines…

  • Blog

    Infostealer campaign compromises 10 npm packages, targets devs

    Ten npm packages were suddenly updated with malicious code yesterday to steal environment variables and other sensitive data from developers’ systems. The campaign targeted multiple cryptocurrency-related packages, and the popular ‘country-currency-map’ package was downloaded thousands of times a week. The malicious code was discovered by Sonatype researcher Ali ElShakankiry and is found in two heavily obfuscated scripts, “/scripts/launch.js” and “/scripts/diagnostic-report.js,” which execute upon…

  • Blog

    A ‘significant increase’ in infostealer malware attacks left 3.9 billion credentials exposed to cyber criminals last year – and experts worry this is a ticking time bomb for enterprises

    Researchers have warned that billions of credentials exposed to cyber criminals were sourced from infostealer logs last year – and it’s created a ticking time bomb for enterprises as hackers begin cracking systems. KELA Cyber Threat Intelligence’s State of Cybercrime 2024 report singled out infostealers as a persistent threat that usually serve as “precursors to advanced attacks, including ransomware and…

  • Blog

    Have I Been Pwned adds 284M accounts stolen by infostealer malware

    The Have I Been Pwned data breach notification service has added over 284 million accounts stolen by information stealer malware and found on a Telegram channel. HIBP founder Troy Hunt says he found 284,132,969 compromised accounts while analyzing 1.5TB of stealer logs likely collected from numerous sources and shared on a Telegram channel known as “ALIEN TXTBASE.” “They contain 23 billion rows with…

  • Blog

    PirateFi Game Spreads Vidar Infostealer

    Earlier this month, researchers discovered that a free-to-play game called PirateFi was distributing the Vidar information-stealing malware to users on gaming platform Steam. From Feb. 6-12, as many as 1,500 users downloaded the game before Steam removed it from the platform. The situation should be a wake-up call for all gamers. What Is PirateFi? PirateFi is…

  • Blog

    New FrigidStealer infostealer infects Macs via fake browser updates

    The FakeUpdate malware campaigns are increasingly becoming muddled, with two additional cybercrime groups tracked as TA2726 and TA2727, running campaigns that push a new macOS infostealer malware called FrigidStealer. The new malware is delivered to Mac users, but the same campaign also uses Windows and Android payloads to cover a broad range of targets. The new campaign was discovered by researchers…

  • Blog

    Fake LDAPNightmare exploit on GitHub spreads infostealer malware

    A deceptive proof-of-concept (PoC) exploit for CVE-2024-49113 (aka “LDAPNightmare”) on GitHub infects users with infostealer malware that exfiltrates sensitive data to an external FTP server. The tactic isn’t novel, as there have been multiple documented cases of malicious tools disguised as PoC exploits on GitHub. However, this case, discovered by Trend Micro, highlights that threat actors continue to use the…

  • Blog

    Malicious ads push Lumma infostealer via fake CAPTCHA pages

    A large-scale malvertising campaign distributed the Lumma Stealer info-stealing malware through fake CAPTCHA verification pages that prompt users to run PowerShell commands to verify they are not a bot. The campaign leveraged the Monetag ad network to propagate over one million ad impressions daily across three thousand websites. The malicious operation, dubbed “DeceptionAds” by Guardio Labs and Infoblox researchers, is believed…

  • Blog

    Two notorious infostealer malware operations were just knocked offline

    A joint operation of global law enforcement agencies has dismantled the operations of two prominent strains of infostealer malware. Operation Magnus was a collaboration between Dutch National Police, the FBI, and agencies from Australia, Belgium, Portugal, and the UK, targeting the infrastructure underpinning the RedLine and Meta infostealers. RedLine and Meta steal data including login credentials, as well as addresses,…
