Stealer here, stealer there, stealers everywhere!

| Category | Details |
| --- | --- |
| Threat Actors | Cybercriminals distributing information stealers, often via subscription services for novice hackers. |
| Campaign Overview | Distribution of information stealers like Kral, AMOS, and Vidar via malvertising, phishing, and DLL hijacking. |
| Target Regions (Or Victims) | Personal and corporate devices worldwide, with notable targets in Brazil for Vidar. |
| Methodology | Malicious ads, phishing, fake websites, malvertising, DLL hijacking, deceptive dialog boxes for password theft. |
| Product Targeted | Cryptocurrency wallets, browser data, system credentials, and macOS user passwords. |
| Malware Reference | Kral stealer, AMOS stealer, Vidar, ACR stealer, Penguish downloader. |
| Tools Used | C++, Delphi (Kral downloader), DMG files, bash processes (AMOS), DLL hijacking, password-protected archives. |
| Vulnerabilities Exploited | DLL hijacking (Vidar), fake websites, deceptive dialog boxes (AMOS). |
| TTPs | Malvertising, phishing, password-stealing, DLL hijacking, exfiltration via encrypted payloads. |
| Attribution | Unattributed, but linked to widespread cybercriminal activities. |
| Recommendations | Use 2FA, avoid downloading from unofficial sources, use unique passwords, double-check websites before download. |
| Source | Securelist by Kaspersky |

Read full article: https://securelist.com/kral-amos-vidar-acr-stealers/114237/

The above summary has been generated by an AI language model
