Related Families: CryptBot, LummaC2, Rhadamanthys
Verticals Targeted: Technology, Defense
CoralRaider's Stealer Spree
May 3, 2024 1:53:10 PM / by The Hivemind posted in Threat Bulletin, Stealer, Infostealer, LummaC2, Rhadamanthys, CryptBot, CoralRaider
StrelaStealer Campaign Targeted US and EU
Apr 1, 2024 2:28:11 PM / by The Hivemind posted in Threat Bulletin, Government, Stealer, Energy, Manufacturing, Legal Services, Insurance, Construction, StrelaStealer, Email, Finance
Verticals Targeted: Technology, Finance, Legal Services, Manufacturing, Government, Energy, Insurance, Construction
Executive Summary
StrelaStealer was recently used in a widespread campaign targeting over 100 entities in the US and EU. The newest version of StrelaStealer is more advanced than previous versions and includes features to help thwart analysis.
Rhadamanthys Targeting ONG Sector
Mar 8, 2024 1:36:26 PM / by The Hivemind posted in Threat Bulletin, Critical Infrastructure, Stealer, Phishing, Energy, ONG, Oil & Gas, Rhadamanthys
Verticals Targeted: Oil & Gas, Energy, Critical Infrastructure
LummaC2
Dec 1, 2023 12:48:51 PM / by The Hivemind posted in Threat Bulletin, Stealer, LummaC2, Lumma
Executive Summary
A new variant of LummaC2 was observed using a unique trigonometry-based anti-sandboxing technique.
Realst MacOS Infostealer
Aug 7, 2023 2:41:09 PM / by The Hivemind posted in Blockchain, Threat Bulletin, Stealer, Infostealer, Gaming, MacOS, Realst
Executive Summary
MacStealer Targeting MacOS Devices
Apr 6, 2023 4:06:25 PM / by The Hivemind posted in Threat Bulletin, Stealer, MacOS, Mac, MacStealer
Executive Summary
Fake Cracked Software Sites Delivering Stealers
Jan 24, 2023 11:02:41 AM / by PolySwarm Tech Team posted in Threat Bulletin, Stealer, Infostealer, Racoon
Related Families: Raccoon, Vidar
Executive Summary
Sekoia recently reported on a campaign leveraging fake cracked software sites to deliver information stealers, including Raccoon and Vidar.
Mars Stealer Malware Targeting Crypto
Aug 18, 2022 12:04:52 PM / by PolySwarm Tech Team posted in Threat Bulletin, Stealer, Cryptocurrency, Atomic Wallet, Mars stealer
Executive Summary
A malware researcher on Twitter, @ViriBack, recently discovered a fake Atomic Wallet site distributing Mars Stealer.
Key Takeaways