Pierluigi Paganini March 07, 2024
Snake, a new Info Stealer spreads through Facebook messages

Threat actors are using Facebook messages to spread a Python-based information stealer dubbed Snake, researchers warn. Cybereason researchers warn that threat actors are utilizing Facebook messages to spread the Snake malware, a Python-based information stealer. The researchers noticed that the threat actors are maintaining three different Python Infostealer variants. Two of these variants are regular […]

Pierluigi Paganini April 28, 2023
Google obtained a temporary court order against CryptBot distributors

Google obtained a temporary court order in the U.S. to disrupt the operations of the CryptBot information stealer. Google announced that a federal judge in the Southern District of New York unsealed its civil action against the operators of the information stealer Cryptbot. The IT giant obtained a temporary court order in the U.S. to disrupt […]

Pierluigi Paganini September 28, 2021
New BloodyStealer malware is targeting the gaming sector

Researchers spotted a new malware, dubbed BloodyStealer, that could allow stealing accounts for multiple gaming platforms. Researchers from Kaspersky have spotted a new malware dubbed BloodyStealer that is being used by threat actors to steal accounts for multiple gaming platforms, including Steam, Epic Games Store, GOG Galaxy, EA Origin, and more. The infostealer is available […]

Pierluigi Paganini September 27, 2021
Jupyter infostealer continues to evolve and is distributed via MSI installers

Cybersecurity researchers spotted a new version of the Jupyter infostealer which is distributed via MSI installers. Cybersecurity researchers from Morphisec have spotted a new version of the Jupyter infostealer that continues to be highly evasive. In November 2020, researchers at Morphisec have spotted Russian-speaking threat actors that have been using a piece of .NET infostealer, […]

Pierluigi Paganini June 11, 2021
Mysterious custom malware used to steal 1.2TB of data from million PCs

Experts spotted a new mysterious malware that was used to collect a huge amount of data, including sensitive files, credentials, and cookies. Researchers from NordLocker have discovered an unsecured database containing 1.2-terabyte of stolen data. Threat actors used custom malware to steal data from 3.2 million Windows systems between 2018 and 2020. The database includes […]

Pierluigi Paganini May 28, 2020
Valak a sophisticated malware that completely changed in 6 months

Valak malware has rapidly changed over the past six months, it was initially designed as a loader, but now it implemented infostealer capabilities. The Valak malware completely changed over the past six months, it was first developed to act as a loader, but now it implements also infostealer capabilities.  The malicious code fist appeared in […]

Pierluigi Paganini March 17, 2020
Attackers use a new CoronaVirus Ransomware to cover Kpot Infostealer infections

Coronavirus-themed attacks continue to increase, experts observed new Coronavirus ransomware that acts as a cover for Kpot Infostealer. Last week, security experts from MalwareHunterTeam detected new ransomware dubbed CoronaVirus has been distributed through a malicious web site that was advertising a legitimate system optimization software and utilities from WiseCleaner. In this campaign, crooks are exploiting the interest […]

Pierluigi Paganini July 09, 2018
Hacker hijacked original LokiBot malware to sell samples in the wild

An expert found evidences that demonstrate the current distributed LokiBot malware samples were “hijacked” by a third actor. According to the researcher who goes online by the Twitter handle “d00rt,” samples of the LokiBot malware samples being distributed in the wild are modified versions of the original sample. I just released an article where are […]

Pierluigi Paganini July 14, 2017
Ovidiy Stealer a cheap and efficient infostealer offered for sale

A new infostealer malware dubbed Ovidiy Stealer was offered for sale by a Russia-speaking malware developer that goes online with the moniker “TheBottle.” TheBottle has advertised the malware on various cybercrime forums. The Ovidiy Stealer was first spotted in June 2017, according to the experts at security firm Proofpoint the malware is under development and is […]

Pierluigi Paganini January 07, 2016
Authors digitally signed Spymel Trojan to evade detection

Zscaler ThreatLabZ detected a new infostealer malware family dubbed Spymel that uses stolen certificates to evade detection. In late December, security experts at Zscaler ThreatLabZ detected a new infostealer malware family dubbed Spymel that uses stolen certificates to evade detection. “ThreatLabZ came across yet another malware family where the authors are using compromised digital certificates to evade detection. The malware family in […]