Information Stealer - Cybersec Sentinel

Information Stealer

A collection of 7 posts

TeamPCP Injects Credential Stealer Into Trivy Releases and Spreads to npm via CanisterWorm

TeamPCP Injects Credential Stealer Into Trivy Releases and Spreads to npm via CanisterWorm

GroupTeamPCP (financially motivated threat actor, reportedly collaborating with LAPSUS$ for extortion; nationality unconfirmed)TypeMulti-Ecosystem Supply Chain Attack, Infostealer, Self-Propagating Worm, Kubernetes WiperDeliveryCompromised GitHub Actions (trivy-action, setup-trivy, kics-github-action, ast-github-action) plus poisoned PyPI packages (litellm) and self-propagating npm infection via CanisterWormMalwareTeamPCP Cloud Stealer — three-stage CI/CD credential harvester; CanisterWorm —

Katz Stealer Malware Targets Browsers Wallets and Messaging Platforms

Katz Stealer Malware Targets Browsers Wallets and Messaging Platforms

Threat Group: Unknown (operates via MaaS model) Threat Type: Credential and information-stealing malware (Infostealer) Exploited Vulnerabilities: Chrome ABE Bypass, UAC Bypass via cmstp.exe, Process Hollowing via MSBuild.exe Malware Used: Katz Stealer Threat Score: 🔴 High (8.2/10) Last Observed Activity: May 278 2025 Overview This report delivers a

Snake Keylogger Evolves with Advanced Obfuscation Techniques

Snake Keylogger Evolves with Advanced Obfuscation Techniques

Threat Group: Unidentified Cybercriminal Group Threat Type: Keylogger/Information Stealer Exploited Vulnerabilities: No specific vulnerabilities exploited; relies on social engineering and phishing techniques Malware Used: Snake Keylogger (New Variant) Threat Score: High (8.5/10) – Due to its advanced obfuscation techniques, persistence mechanisms, and widespread targeting Last Threat Observation: February

Astral Stealer Strikes Again Stealing More Than Just Your Cookies

Astral Stealer Strikes Again Stealing More Than Just Your Cookies

Threat Type: Information Stealer Exploited Vulnerabilities: No specific vulnerabilities exploited; relies on user execution and social engineering tactics. Malware Used: Astral Stealer Threat Score: High (9.0/10) Last Threat Observation: January 31, 2025 Overview Astral Stealer is an advanced information-stealing malware designed to extract sensitive data from compromised systems.

macOS Users Targeted by the New Variant of Banshee Infostealer

macOS Users Targeted by the New Variant of Banshee Infostealer

Threat Group: Unknown Threat Type: Information Stealer (Infostealer) Exploited Vulnerabilities: No specific vulnerabilities exploited; relies on social engineering and phishing tactics Malware Used: Banshee Stealer Threat Score: High (8.5/10) – Due to its advanced evasion techniques, targeting of macOS systems, and comprehensive data theft capabilities. Last Threat Observation: January

Threat Surge as Lumma Stealer Expands Its Reach

Threat Surge as Lumma Stealer Expands Its Reach

Threat Group: Lumma (operated by "Shamel") Threat Type: Information Stealer (Malware-as-a-Service) Exploited Vulnerabilities: No specific vulnerabilities; relies on social engineering and deceptive tactics Malware Used: Lumma Stealer (also known as LummaC2) Threat Score: High (8.5/10) – Due to its advanced evasion techniques, broad targeting capabilities, and widespread

Vietnamese Hackers Use Python Based PXA Stealer for Sensitive Data Theft

Vietnamese Hackers Use Python Based PXA Stealer for Sensitive Data Theft

Threat Group: Vietnamese-speaking threat actors (linked to CoralRaider and Lone None) Threat Type: Information Stealer Exploited Vulnerabilities: Targets sensitive data including credentials, VPNs, FTP clients, browser cookies, and gaming platforms Malware Used: PXA Stealer Threat Score: High (9.0/10) — Comprehensive data theft capabilities and strong targeting focus on government