Insights, news, education and announcements from PolySwarm | PupkinStealer

PupkinStealer Leverages Telegram for Data Exfiltration

May 16, 2025 2:16:41 PM / by The Hivemind posted in Threat Bulletin, Stealer, Infostealer, Emerging Threat, PupkinStealer

Verticals Targeted: E-commerce
Regions Targeted: Not specified
Related Families: None identified

Executive Summary

PupkinStealer, a .NET-based infostealer written in C#, targets sensitive data such as browser credentials and desktop files, exfiltrating it via Telegram’s Bot API. First observed in April 2025, its simplicity and reliance on legitimate platforms make it a notable threat.

Read More