Verticals Targeted: Cryptocurrency
Regions Targeted: Not Specified
Related Families: None
NimDoor MacOS Malware
Jul 14, 2025 2:34:09 PM / by The Hivemind posted in Threat Bulletin, North Korea, Stealer, Infostealer, Cryptocurrency, social engineering, Stardust Chollima, NimDoor, AppleScript, MacOS malware, Web3, Nim, Zoom phishing
EDDIESTEALER
Jun 9, 2025 12:29:15 PM / by The Hivemind posted in Threat Bulletin, Infostealer, Data Theft, social engineering, Emerging Threat, EDDIESTEALER, Rust Malware, CAPTCHA Campaign, ClickFix, PowerShell Attack, ChromeKatz, Cybersecurity
Verticals Targeted: Not specified
Regions Targeted: Not specified
Related Families: None
Executive Summary
EDDIESTEALER is a Rust-based infostealer distributed through deceptive CAPTCHA campaigns, leveraging social engineering to steal sensitive data like credentials and cryptocurrency wallet details. Its advanced obfuscation and ChromeKatz integration highlight the growing sophistication of commodity malware.
PupkinStealer Leverages Telegram for Data Exfiltration
May 16, 2025 2:16:41 PM / by The Hivemind posted in Threat Bulletin, Stealer, Infostealer, Emerging Threat, PupkinStealer
Verticals Targeted: E-commerce
Regions Targeted: Not specified
Related Families: None identified
Executive Summary
PupkinStealer, a .NET-based infostealer written in C#, targets sensitive data such as browser credentials and desktop files, exfiltrating it via Telegram’s Bot API. First observed in April 2025, its simplicity and reliance on legitimate platforms make it a notable threat.
GIFTEDCROOK Stealer Targets Ukraine
Apr 14, 2025 2:00:22 PM / by The Hivemind posted in Ukraine, Threat Bulletin, Espionage, Stealer, Infostealer, GiftedCrook
Verticals Targeted: Military, Law Enforcement, Government
Regions Targeted: Ukraine
Executive Summary
The Computer Emergency Response Team of Ukraine (CERT-UA) has identified a new phishing campaign by UAC-0226, deploying the GIFTEDCROOK stealer through malicious Excel files to compromise Ukrainian institutions. This operation targets sensitive data from military, law enforcement, and local government entities, leveraging socially engineered lures for execution.
FrigidStealer MacOS Stealer
Feb 21, 2025 1:48:14 PM / by The Hivemind posted in Threat Bulletin, Stealer, Infostealer, MacOS, Emerging Threat, FrigidStealer
Executive Summary
FrigidStealer is a stealer that targets MacOS devices. It has been active since at least late 2024 and is delivered via web injection campaigns.
Banshee MacOS Stealer
Jan 17, 2025 2:31:03 PM / by The Hivemind posted in Threat Bulletin, Infostealer, MacOS, Banshee
Executive Summary
Banshee is a stealer that targets MacOS systems. The latest variant of Banshee uses a string encryption algorithm that is the same as the one used in Apple’s Xprotect antivirus engine for MacOS systems.
"FakePOC" Infostealer Masquerading as LDAPNightmare PoC Exploit
Jan 13, 2025 3:00:14 PM / by The Hivemind posted in Threat Bulletin, Infostealer, FakePOC, LDAPNightmare
Executive Summary
An infostealer, dubbed “FakePOC”, was recently observed masquerading as an LDAPNightmare proof of concept (PoC) exploit.
PXA Stealer
Nov 22, 2024 1:54:18 PM / by The Hivemind posted in Threat Bulletin, Stealer, Infostealer, PXA Stealer, Vietnam
Verticals Targeted: Government, Education