The threat actors behind the Rhadamanthys information stealer have added new advanced features to the malware, including using artificial intelligence (AI) for optical character recognition (OCR) as part of what's called "Seed Phrase Image Recognition." "This allows Rhadamanthys to extract cryptocurrency wallet seed phrases from images, making it a highly potent threat for … [Read more...] about AI-Powered Rhadamanthys Stealer Targets Crypto Wallets with Image Recognition
stealer
Threat Actor Uses Fake Recovery Manual to Deliver Unidentified Stealer
On July 22, 2024, CrowdStrike Intelligence identified a Word document containing macros that download an unidentified stealer now tracked as Daolpu. The document impersonates a Microsoft recovery manual.1 Initial analysis suggests the activity is likely criminal. Technical Analysis Lure Document The analyzed … [Read more...] about Threat Actor Uses Fake Recovery Manual to Deliver Unidentified Stealer
Threat Actor Distributes Python-Based Info Stealer Using Fake Update
Summary On July 23, 2024, CrowdStrike Intelligence identified a malicious ZIP file containing a Python-based information stealer now tracked as Connecio. A threat actor distributed this file days after the July 19, 2024, single content update for CrowdStrike’s Falcon sensor — which impacted Windows operating systems — was identified and a fix was deployed. The ZIP file uses the … [Read more...] about Threat Actor Distributes Python-Based Info Stealer Using Fake Update
New RedLine Stealer Variant Disguised as Game Cheats Using Lua Bytecode for Stealth
A new information stealer has been found leveraging Lua bytecode for added stealth and sophistication, findings from McAfee Labs reveal. The cybersecurity firm has assessed it to be a variant of a known malware called RedLine Stealer owing to the fact that the command-and-control (C2) server IP address has been previously identified as associated with the malware. RedLine … [Read more...] about New RedLine Stealer Variant Disguised as Game Cheats Using Lua Bytecode for Stealth
TA547 Phishing Attack Hits German Firms with Rhadamanthys Stealer
Apr 11, 2024NewsroomEndpoint Security / Ransomware A threat actor tracked as TA547 has targeted dozens of German organizations with an information stealer called Rhadamanthys as part of an invoice-themed phishing campaign. "This is the first time researchers observed TA547 use Rhadamanthys, an information stealer that is used by multiple cybercriminal threat actors," … [Read more...] about TA547 Phishing Attack Hits German Firms with Rhadamanthys Stealer
Hackers Target macOS Users with Malicious Ads Spreading Stealer Malware
Mar 30, 2024NewsroomMalware / Cryptocurrency Malicious ads and bogus websites are acting as a conduit to deliver two different stealer malware, including Atomic Stealer, targeting Apple macOS users. The ongoing infostealer attacks targeting macOS users may have adopted different methods to compromise victims' Macs, but operate with the end goal of stealing sensitive data, … [Read more...] about Hackers Target macOS Users with Malicious Ads Spreading Stealer Malware
Hackers Using Cracked Software on GitHub to Spread RisePro Info Stealer
Mar 16, 2024NewsroomMalware / Cybercrime Cybersecurity researchers have found a number of GitHub repositories offering cracked software that are used to deliver an information stealer called RisePro. The campaign, codenamed gitgub, includes 17 repositories associated with 11 different accounts, according to G DATA. The repositories in question have since been taken down by … [Read more...] about Hackers Using Cracked Software on GitHub to Spread RisePro Info Stealer
New Stealthy Bandit Stealer Targeting Web Browsers and Cryptocurrency Wallets
A new stealthy information stealer malware called Bandit Stealer has caught the attention of cybersecurity researchers for its ability to target numerous web browsers and cryptocurrency wallets. "It has the potential to expand to other platforms as Bandit Stealer was developed using the Go programming language, possibly allowing cross-platform compatibility," Trend Micro said … [Read more...] about New Stealthy Bandit Stealer Targeting Web Browsers and Cryptocurrency Wallets
A Stealthy, Financial Trojan and Info Stealer Delivered through Google Ads
May 02, 2023Ravie LakshmananMalvertising / Cyber Threat In yet another instance of how threat actors are abusing Google Ads to serve malware, a threat actor has been observed leveraging the technique to deliver a new Windows-based financial trojan and information stealer called LOBSHOT. "LOBSHOT continues to collect victims while staying under the radar," Elastic Security … [Read more...] about A Stealthy, Financial Trojan and Info Stealer Delivered through Google Ads
New All-in-One “EvilExtractor” Stealer for Windows Systems Surfaces on the Dark Web
Apr 24, 2023Ravie LakshmananCyber Risk / Dark Web A new "all-in-one" stealer malware named EvilExtractor (also spelled Evil Extractor) is being marketed for sale for other threat actors to steal data and files from Windows systems. "It includes several modules that all work via an FTP service," Fortinet FortiGuard Labs researcher Cara Lin said. "It also contains environment … [Read more...] about New All-in-One “EvilExtractor” Stealer for Windows Systems Surfaces on the Dark Web