Tag: Stealer

Trojan:Win32/Fauppod!ml

Trojan:Win32/Fauppod!ml is a generic detection based on machine learning, that flags the activity of a banking trojan

Trojan:Win32/Fauppod!ml is a detection that is based on machine learning and is assigned to an unspecified threat type. Usually such threats are identified by behavior rather than signatures. Nonetheless, this exact malware detection poses a serious hazard, as it appears to flag the activity of a targeted infostealer trojan. Trojan:Win32/Fauppod!ml Overview Trojan:Win32/Fauppod!ml is a generic… Continue reading Trojan:Win32/Fauppod!ml

Meduza Stealer

Meduza Stealer is a new malware sample that has a lot of reasons to become a prolific strain

The Malware world evolves constantly, and it would be reckless to ignore newcomers and their potential. Meduza Stealer appears to be a pretty potent stealer variant with its unique features and marketing model. Additionally, this malware may be considered a firstling of a new malware generation – one which breaks old geolocation filtering rules. What… Continue reading Meduza Stealer

What is Infostealer Malware? Top 5 Stealers in 2024

Infostealer malware such as RedLine, Vidar, and Lumma all gather credentials from various sources on a computers.

The Cybercrime world changes rapidly – both by expanding, collapsing, and evolving extensively and intensively. One of the most massive malware types in the modern threat landscape – Infostealer Malware – appears to enter a new stage of development. Though its major names remain the same, some new malware families with promising features popped out.… Continue reading What is Infostealer Malware? Top 5 Stealers in 2024

Lumma Stealer Spreads Via Fake Browser Updates, Uses ClearFake

Cybercriminals exploit ClearFake framework to create fake browser update windows, that deliver malware

Recent research uncovered a selection of websites that deploy Lumma Stealer under the guise of a browser update. They pose as tutorial pages that offer seemingly correct guides, but then open a malicious JS iframe handled with ClearFake framework. Some of these sites are active for several weeks now. Fake Tutorial Sites Spread Lumma Stealer… Continue reading Lumma Stealer Spreads Via Fake Browser Updates, Uses ClearFake

Trojan:Win32/Mamson.A!ac

We analyzed the Trojan:Win32/Mamson.A!ac and found the way to remove it

Trojan:Win32/Mamson.A!ac is a type of malware designed to gather data from the system it infects. Sometimes, known spyware families get this detection. The malware is typically distributed disguised as helpful utilities that are downloaded from untrustworthy sources. Trojan:Win32/Mamson.A!ac Overview Trojan:Win32/Mamson.A!ac is a Microsoft Defender detection that flags infostealer malware. This type of malicious program aims… Continue reading Trojan:Win32/Mamson.A!ac

Password Stealer

Password stealers may target not only passwords, but also other categories of user data

Password stealer is a type of data stealing malware, that aims at a specific category of information. They are often spread through phishing, malvertising, and sometimes in cracked software. Let’s have a more detailed look on how they work, and how to protect yourself against password stealers. What Is a Password Stealer? As its name… Continue reading Password Stealer

Trojan:Win32/Acll

Trojan:Win32/AcII is a novice sample of spyware/infostealer malware

Trojan:Win32/Acll is a stealer malware detected by Microsoft Defender. It targets sensitive information, login credentials, personal details, and financial data. It spreads through pirated software, malicious ads, or bundles. Trojan:Win32/Acll Overview Trojan:Win32/Acll is a stealer-type malicious software coded in Python. It is designed to extract and transmit sensitive information from devices. Such malware targets a… Continue reading Trojan:Win32/Acll

How to remove Trojan:Script/Wacatac.B!ml

Wacatac is a common noun for a wide group of spyware

Trojan Wacatac is an umbrella detection for a wide range of malicious software, that shares functionality and code. In particular, the Wacatac name points to malware with dropper capabilities that are used to deliver ransomware. Trojan Wacatac Detection Trojan:Script/Wacatac.B!ml and Trojan:Win32/Wacatac.B!ml detection is one of the numerous detection names that Microsoft assigns to minor malware… Continue reading How to remove Trojan:Script/Wacatac.B!ml

Adobe Reader Infostealer Plagues Email Messages in Brazil

Frauds use forged PDF documents to deploy infostealers

A recent email spam campaign reportedly spreads infostealer malware under the guise of Adobe Reader Installer. Within a forged PDF document, there is a request to install Adobe Reader app, that triggers malware downloading and installation. Considering the language of the said documents, this malicious activity mainly targets Portugal and Brazil. Infostealer Spreads in Fake… Continue reading Adobe Reader Infostealer Plagues Email Messages in Brazil

Trojan:Script/Sabsik.fl.A!ml Analysis & Removal Guide

Sabsik is a generic name used by Microsoft Defender for stealer malware with some advanced functionality

Trojan:Script/Sabsik.fl.A!ml is a generic detection name used by Microsoft Defender. This name is particularly used to denote stealer malware that also possesses dropper capabilities. It can perform various activities of the attacker’s choice on the victim’s computer, such as spying, data theft, remote control, and installation of other viruses. In this article, we will tell… Continue reading Trojan:Script/Sabsik.fl.A!ml Analysis & Removal Guide