Follow on X RSS Feed

Infostealer

A collection of 2 posts
Fake Claude Code Install Guide Hides MacSync Infostealer in Active Google Ads Campaign
macOS Malware

Fake Claude Code Install Guide Hides MacSync Infostealer in Active Google Ads Campaign

GroupAttribution unconfirmed; compromised Malaysian company's Google Ads account used as delivery infrastructure proxyTypeMalvertising / ClickFix Infostealer Campaign — cross-platform macOS and WindowsMalwareMacSync — macOS Malware as a Service infostealer targeting browser credentials, Keychain databases, session cookies, and cryptocurrency wallets; Trojan.Stealer.GJ / Trojan.Stealer.GK — Windows credential stealers delivered via mshta.
9 min read
Storm Infostealer Ships Your Browser Credentials Home Before Decrypting Them
Infostealer

Storm Infostealer Ships Your Browser Credentials Home Before Decrypting Them

GroupUnknown cybercriminal operator(s); attribution unconfirmedTypeInfostealer-as-a-ServiceMalwareStorm; a session-hijacking credential stealer that exfiltrates encrypted browser data to attacker infrastructure for server-side decryption, bypassing Chrome App-Bound Encryption and endpoint detectionScore🟠 8.5 High. Actively deployed against confirmed victims across at least six countries, defeats Google Chrome's App-Bound Encryption, renders MFA
8 min read