Tag

Infostealer

All articles tagged with #infostealer

Public Database Leak Exposes 149 Million Logins, Highlighting Infostealer Risk
cybersecurity · 1 month ago

A publicly accessible database exposed 149 million account credentials, including 48 million Gmail logins and 17 million Facebook logins, along with government, banking, and education accounts. The researcher who found it suspects infostealing malware collected the data, and the provider took the trove down after being alerted; the leak highlights how unsecured databases can become a goldmine for cybercriminals.

Hacker Injects Malware into Early Access Steam Game
technology · 7 months ago

A threat actor called EncryptHub compromised the early access Steam game Chemia by injecting malware that steals user data. The game remains available on Steam and poses a risk to players. The malware includes HijackLoader and the Vidar infostealer and was added through malicious binaries, with the attack possibly involving insider help. Steam has not issued an official statement, and users are advised to avoid downloading the game until further notice.

Minecraft Players Targeted by Malware Masquerading as Game Mods
technology · 8 months ago

A malware campaign by Stargazers Ghost Network targets Minecraft players with fake mods and cheats, infecting Windows devices to steal credentials, tokens, and cryptocurrency wallets. The malicious Java and .NET payloads are distributed via GitHub repositories and Pastebin links, with a focus on evading detection and exfiltrating data to Russian-controlled servers.

"PyPI Malware Threatens Windows and Linux Users with Crypto and Info Theft"
cybersecurity · 2 years ago

Malicious packages on the PyPI repository have been found to deliver the WhiteSnake Stealer malware on Windows systems, while also targeting Linux hosts with a Python script. The malware, uploaded by a threat actor named "WS," is capable of stealing information, communicating with a C&C server using the Tor protocol, and exfiltrating sensitive data, particularly crypto wallet information. The packages have been observed to overwrite clipboard content with attacker-owned wallet addresses and steal data from browsers, applications, and crypto services. This discovery highlights the ability of a single malware author to disseminate multiple info-stealing malware packages into the PyPI library over time.

"Realst Malware: Protecting Your macOS Sonoma and Cryptocurrency Wallets"
cybersecurity · 2 years ago

Cybercriminals are spreading a new infostealer malware called Realst through fake blockchain games, targeting both Windows and macOS users. Some variants of the malware are already targeting macOS 14 Sonoma, which is set to be released in the fall. Realst silently collects web browser data, including stored passwords, and can empty cryptocurrency wallets. To protect against Realst and other malware, users are advised to be cautious when installing software outside the official Mac App Store, verify links before opening them, use strong passwords and two-step authentication, exercise caution when granting permissions, and keep devices and applications up to date.