Lucene search
K

19 matches found

Malwarebytes
Malwarebytes
added 5 days ago19 views

Fake Google and Cloudflare verification pages spread multiple malware families

Updated July 6 to add connections with SyncTDS and TrafficTDS ClickFix attacks, which trick people into running malicious commands themselves, continue to evolve. This latest campaign uses fake Google and Cloudflare verification pages to convince victims to infect their own devices. A single...

6.1AI score
Exploits0
The Hacker News
The Hacker News
added 2026/06/24 3:59 p.m.7 views

Amadey and StealC Malware Network Disrupted, 27M Stolen Credentials Recovered

A coordinated law enforcement operation, in partnership with private sector companies, including Bitdefender, Bitsight, ESET, and Microsoft, has resulted in the takedown of criminal infrastructure powering Amadey and StealC. "The main common goal was to disrupt the 'assembly lines' cybercriminals...

5.8AI score
Exploits0
Microsoft Secure
Microsoft Secure
added 2026/06/24 12:30 p.m.20 views

StealC and Amadey: Breaking down infostealers and the cybercrime services that deliver them

In this article 1. The role of infostealers: From credential theft to intrusion 2. StealC: Infostealer for rent 3. Amadey: Malware-as-a-service for delivery of infostealers 4. Defending against StealC and Amadey intrusions 5. Microsoft Defender detections 6. Indicators of compromise Infostealers...

6.2AI score
Exploits0
The Hacker News
The Hacker News
added 2026/02/17 12:42 p.m.8 views

SmartLoader Attack Uses Trojanized Oura MCP Server to Deploy StealC Infostealer

Cybersecurity researchers have disclosed details of a new SmartLoader campaign that involves distributing a trojanized version of a Model Context Protocol MCP server associated with Oura Health to deliver an information stealer known as StealC. "The threat actors cloned a legitimate Oura MCP Serv...

6AI score
Exploits0
The Hacker News
The Hacker News
added 2026/01/19 6:53 a.m.9 views

Security Bug in StealC Malware Panel Let Researchers Spy on Threat Actor Operations

Cybersecurity researchers have disclosed a cross-site scripting XSS vulnerability in the web-based control panel used by operators of the StealC information stealer, allowing them to gather crucial insights on one of the threat actors using the malware in their operations. "By exploiting it, we...

5.8AI score
Exploits0
Trellix
Trellix
added 2025/12/18 12:0 a.m.21 views

Amadey Exploiting Self-Hosted GitLab to Distribute StealC

Amadey Exploiting Self-Hosted GitLab to Distribute StealC By Rahul Sharma · December 18, 2025 Executive summary Amadey is a malware loader that has been active since 2018, primarily used to distribute second-stage payloads and infostealers. While Amadey has been previously known to distribute...

6AI score
Exploits0
The Hacker News
The Hacker News
added 2025/12/09 4:1 p.m.5 views

Four Threat Clusters Using CastleLoader as GrayBravo Expands Its Malware Service Infrastructure

Four distinct threat activity clusters have been observed leveraging a malware loader known as CastleLoader , strengthening the previous assessment that the tool is offered to other threat actors under a malware-as-a-service MaaS model. The threat actor behind CastleLoader has been assigned the...

7AI score
Exploits0
HackRead
HackRead
added 2025/09/16 6:30 p.m.2 views

Ongoing FileFix Attack Installs StealC Infostealer Via Fake Facebook Pages

Researchers spot FileFix phishing sites that deliver StealC Infostealer through fake Facebook warnings and hidden payloads in images...

7AI score
Exploits0
The Hacker News
The Hacker News
added 2025/09/16 12:33 p.m.5 views

New FileFix Variant Delivers StealC Malware Through Multilingual Phishing Site

Cybersecurity researchers have warned of a new campaign that's leveraging a variant of the FileFix social engineering tactic to deliver the StealC information stealer malware. "The observed campaign uses a highly convincing, multilingual phishing site e.g., fake Facebook Security page, with...

6.2AI score
Exploits0
The Hacker News
The Hacker News
added 2025/03/26 1:53 p.m.25 views

EncryptHub Exploits Windows Zero-Day to Deploy Rhadamanthys and StealC Malware

The threat actor known as EncryptHub exploited a recently-patched security vulnerability in Microsoft Windows as a zero-day to deliver a wide range of malware families, including backdoors and information stealers such as Rhadamanthys and StealC. "In this attack, the threat actor manipulates .msc...

7CVSS7.9AI score0.31894EPSS
Exploits7
The Hacker News
The Hacker News
added 2025/02/03 5:30 a.m.20 views

Crazy Evil Gang Targets Crypto with StealC, AMOS, and Angel Drainer Malware

A Russian-speaking cybercrime gang known as Crazy Evil has been linked to over 10 active social media scams that leverage a wide range of tailored lures to deceive victims and trick them into installing malware such as StealC, Atomic macOS Stealer aka AMOS, and Angel Drainer. "Specializing in...

7.3AI score
Exploits0
The Hacker News
The Hacker News
added 2025/01/27 7:16 a.m.22 views

MintsLoader Delivers StealC Malware and BOINC in Targeted Cyber Attacks

Threat hunters have detailed an ongoing campaign that leverages a malware loader called MintsLoader to distribute secondary payloads such as the StealC information stealer and a legitimate open-source network computing platform called BOINC. "MintsLoader is a PowerShell based malware loader that...

7.5AI score
Exploits0
The Hacker News
The Hacker News
added 2024/08/16 1:8 p.m.29 views

Russian Hackers Using Fake Brand Sites to Spread DanaBot and StealC Malware

Cybersecurity researchers have shed light on a sophisticated information stealer campaign that impersonates legitimate brands to distribute malware like DanaBot and StealC. The activity cluster, orchestrated by Russian-speaking cybercriminals and collectively codenamed Tusk, is said to encompass...

7AI score
Exploits0
The Hacker News
The Hacker News
added 2024/06/19 10:8 a.m.19 views

Warning: Markopolo's Scam Targeting Crypto Users via Fake Meeting Software

A threat actor who goes by alias markopolo has been identified as behind a large-scale cross-platform scam that targets digital currency users on social media with information stealer malware and carries out cryptocurrency theft. The attack chains involve the use of a purported virtual meeting...

6.4AI score
Exploits0
The Hacker News
The Hacker News
added 2024/01/03 1:16 p.m.44 views

Malware Using Google MultiLogin Exploit to Maintain Access Despite Password Reset

Information stealing malware are actively taking advantage of an undocumented Google OAuth endpoint named MultiLogin to hijack user sessions and allow continuous access to Google services even after a password reset. According to CloudSEK, the critical exploit facilitates session persistence and...

7.4AI score
Exploits0
Rapid7 Blog
Rapid7 Blog
added 2023/08/31 9:44 p.m.52 views

Fake Update Utilizes New IDAT Loader To Execute StealC and Lumma Infostealers

Technical Analysis by: Thomas Elkins, Natalie Zargarov Contributions: Evan McCann, Tyler McGraw Recently, Rapid7 observed the Fake Browser Update lure tricking users into executing malicious binaries. While analyzing the dropped binaries, Rapid7 determined a new loader is utilized in order to...

8.3AI score
Exploits0
HackRead
HackRead
added 2023/02/22 10:49 p.m.22 views

Hackers Advertising New Info-Stealing Malware on Dark Web

By Deeba Ahmed Dubbed "Stealc" by researchers, the malware is also being promoted on several Russian language hacker and cybercrime forums on the clear net, in addition to the dark web. This is a post from HackRead.com Read the original post: Hackers Advertising New Info-Stealing Malware on Dark ...

2.5AI score
Exploits0
The Hacker News
The Hacker News
added 2023/02/21 10:35 a.m.42 views

Researchers Discover Numerous Samples of Information Stealer 'Stealc' in the Wild

A new information stealer called Stealc that's being advertised on the dark web could emerge as a worthy competitor to other malware of its ilk. "The threat actor presents Stealc as a fully featured and ready-to-use stealer, whose development relied on Vidar, Raccoon, Mars, and RedLine stealers,"...

Exploits0
The Hacker News
The Hacker News
added 2023/02/21 10:35 a.m.5 views

Researchers Discover Numerous Samples of Information Stealer 'Stealc' in the Wild

A new information stealer called Stealc that's being advertised on the dark web could emerge as a worthy competitor to other malware of its ilk. "The threat actor presents Stealc as a fully featured and ready-to-use stealer, whose development relied on Vidar, Raccoon, Mars, and RedLine stealers,"...

6AI score
Exploits0
Rows per page
Query Builder