TRENDING

TARGETED INDUSTRIES -> IT & ITES | Government & LEA | Technology | Healthcare | EducationTARGETED COUNTRIES -> United States | Russian Federation | China | United Kingdom | UkraineTARGETED REGIONS -> North America (NA) | Europe & UK | Asia & Pacific (APAC) | Middle East & Africa (MEA) | Australia and New Zealand (ANZ)IOCs -> a31f222fc283227f5e7988d1ad9c0aecd66d58bb7b4d8518ae23e110308dbf91 | 7bdbd180c081fa63ca94f9c22c457376 | 10.0.0.0 | 9f1f11a708d393e0a4109ae189bc64f1f3e312653dcf317a2bd406f18ffcc507 | 2915b3f8b703eb744fc54c81f4a9c67fCVEs -> CVE-2024-21887 | CVE-2023-46805 | CVE-2024-21893 | CVE-2021-44228 | CVE-2024-21412TECHNIQUES -> T1082 | T1140 | T1083 | T1105 | T1486TACTICS -> TA505 | TA0011 | TA0007 | TA577 | TA0005TAGS -> security | the-cyber-express | firewall-daily | the-cyber-express-news | malwareTHREAT ACTORS -> Lockbit | Blackcat | Lazarus | VoltTyphoon | KimsukyMALWARE -> CobaltStrike | Lockbit | Mirai | Qakbot | DarkgateSOURCES -> Darkreading | Bleepingcomputer | The Hacker News | The Cyber Express | Infosecurity Magazine
Cyble-Research-Lab-Stealer-Malware-Family

Cyble Research Labs – Analysis Report of Stealer Malware Family

ver the past year, Cyble Research Labs has noticed extensive usage of “Stealer” malware by initial access brokers to compromise victims. These initial access brokers can trade these credentials with other criminal groups, launching targeted attacks on specific organizations. These are designed to steal user credentials such as usernames, passwords, and cookies and send them to a server under the attacker’s control. The stolen information is then aggregated and sold to other interested criminal groups that can abuse this access for espionage, data theft, or even ransomware attacks. This report reveals the prevalence of stealer malware campaigns and evolving models.
Odin ad

Over the past year, Cyble Research Labs has noticed extensive usage of “Stealer” malware by initial access brokers to compromise victims. These initial access brokers can trade these credentials with other criminal groups, launching targeted attacks on specific organizations. These are designed to steal user credentials such as usernames, passwords, and cookies and send them to a server under the attacker’s control. The stolen information is then aggregated and sold to other interested criminal groups that can abuse this access for espionage, data theft, or even ransomware attacks. This report reveals the prevalence of stealer malware campaigns and evolving models.

Stealers or “info stealers” are malware variants belonging to the Trojan family. These are designed to steal user credentials such as usernames, passwords, and cookies and send them to a server under the attacker’s control. These attackers – also called “initial access brokers” – tend to use phishing campaigns to distribute such stealer malware and gather user credentials, system information, and even screenshots or data from their victims. The stolen information is then aggregated and sold to other interested criminal groups that can abuse this access for espionage, data theft, or even ransomware attacks.

Cyble has analyzed 50+ Stealer variants that are in circulation and are being widely used in various threat campaigns globally.

The top 10 Stealer variants are listed below:

RedLine
Bloody
Raccoon
Loki
Vidar
CopperStealer
Oski
KPOT
Mars
AZORult
Top 10 Stealer Malware Variants

Download the report from here.

About Us

Cyble is a global threat intelligence SaaS provider that helps enterprises protect themselves from cybercrimes and exposure in the Darkweb. Its prime focus is to provide organizations with real-time visibility to their digital risk footprint. Backed by Y Combinator as part of the 2021 winter cohort, Cyble has also been recognized by Forbes as one of the top 20 Best Cybersecurity Start-ups to Watch In 2020. Headquartered in Alpharetta, Georgia, and with offices in Australia, Singapore, and India, Cyble has a global presence. To learn more about Cyble, visit https://cyble.com.

Share the Post:

Related Posts

Discover more from Cyble

Subscribe now to keep reading and get access to the full archive.

Continue reading

Scroll to Top