#infostealers — Public Fediverse posts
Live and recent posts from across the Fediverse tagged #infostealers, aggregated by home.social.
-
Ataques silenciosos: así están robando tu información personal
Ataques silenciosos: así están robando tu información personal
San José, 06 abr (elmundo.cr) – Investigadores de ESET analizaron la evolución reciente de los infostealers, un tipo de malware diseñado para robar información sensible como credenciales de acceso, datos financieros o información almacenada en navegadores. A partir de los datos relevado [...]#CienciaYTecnología #ESET #Infostealers #Malware #NFC
https://elmundo.cr/cienciaytecnologia/ataques-silenciosos-asi-estan-robando-tu-informacion-personal/
-
Panorama de la actividad actual de infostealers y el robo de credenciales
Investigadores de ESET analizaron la evolución reciente de los infostealers, un tipo de malware diseñado para robar información sensible como credenciales de acceso, datos financieros o información almacenada en navegadores. A partir de los datos relevados en los últimos ESET Threat Reports, se observa que durante 2025 el panorama de estas amenazas experimentó cambios importantes (Fuente ESET Latam).
Tras el abandono del desarrollo de Agent Tesla por parte de sus creadores, otras familias de malware como Formbook y SnakeStealer tomaron protagonismo en el ecosistema de robo de información. Si bien las detecciones globales de infostealers disminuyeron un 18% durante el segundo semestre de 2025, los especialistas advierten que las campañas se volvieron más sofisticadas, impulsadas por nuevas técnicas de ingeniería social y el uso de inteligencia artificial.
“Los infostealers siguen siendo una de las herramientas favoritas de los cibercriminales porque permiten robar grandes volúmenes de credenciales e información sensible de forma silenciosa. Aunque en el último año vimos una disminución en el volumen de detecciones, también observamos una evolución en su sofisticación, con campañas mejor dirigidas y el uso de nuevas tecnologías para optimizar los ataques”, comenta David González, Especialista en Seguridad Informática de ESET Latinoamérica.
Las familias de malware con mayor impacto en la región
De acuerdo con la telemetría de ESET, estas son algunas de las familias de infostealers con mayor presencia en Latinoamérica:
Formbook (Win/Formbook). Fue la familia más detectada a nivel global al cierre de 2025, con 17,3% del total de detecciones, principalmente distribuida a través de campañas de phishing.
Lumma Stealer (Win/Spy.LummaStealer). Protagonista de ataques masivos dirigidos especialmente a usuarios en México, enfocados en el robo de credenciales y datos almacenados en navegadores.
Agent Tesla (MSIL/Spy.AgentTesla). A pesar de la desaceleración en su desarrollo, continúa siendo ampliamente distribuido mediante descargadores de malware como CloudEyE (GuLoader).
NGate / PhantomCard (Android/Spy.NGate). Una amenaza de spyware móvil orientada principalmente al ecosistema bancario brasileño, con capacidades para robar contactos y datos de tarjetas.
Spy.Banker_(JS/Spy.Banker). Troyanos basados en JavaScript que afectan principalmente a usuarios de servicios financieros y registran una tasa de detección global cercana al 9,5%.
Latinoamérica, un objetivo relevante
El análisis también muestra que Latinoamérica se consolidó como una región de interés para los cibercriminales.
En México, por ejemplo, el 8 de julio de 2025 se registró un pico que concentró el 70% de las detecciones globales de Lumma Stealer, a raíz de una campaña masiva de spam con señuelos en español.
Brasil, por su parte, se posicionó como uno de los principales focos de fraudes mediante tecnología NFC, con malware móvil que suplanta a bancos y plataformas de comercio electrónico.
Otros países de la región también registraron actividad relevante. En Perú, por ejemplo, se detectó un alto volumen de ataques que utilizan la técnica ClickFix, mientras que Chile reportó presencia de NGate, una avanzada herramienta de espionaje vinculada a ataques mediante NFC. En tanto, Colombia y Argentina mantienen una presencia constante en los mapas de detección de infostealers.
Cómo se distribuyen estas amenazas
Entre los principales vectores de infección se destacan:- Phishing y spam localizado, con archivos adjuntos maliciosos que simulan facturas o pedidos.
- ClickFix, una técnica de ingeniería social que muestra falsos errores del sistema o invita a activar un software para dejarlo totalmente funcionable o desbloquear nuevas características de paga; en ambos casos se busca convencer al usuario de ejecutar comandos maliciosos.
- Descargadores de malware, como CloudEyE (GuLoader), que experimentaron un fuerte crecimiento durante el segundo semestre de 2025.
- Sitios web fraudulentos, que suplantan tiendas oficiales como Google Play para distribuir aplicaciones maliciosas.
Conclusión
#ciberseguridad #eset #Infostealers #latam #PORTADA
Durante 2025 los infostealers redujeron su volumen, pero aumentaron en sofisticación, impulsados por el uso de inteligencia artificial y el crecimiento del modelo Malware-as-a-Service (MaaS). En este contexto, Latinoamérica se consolidó como un objetivo clave para los cibercriminales. De cara a 2026, los especialistas destacan la importancia de reforzar la protección de credenciales, mejorar la detección temprana de estas amenazas y fortalecer la seguridad en entornos móviles y tecnologías como NFC, cada vez más utilizadas en ataques financieros. -
#Claude #LLM artifacts abused to push #Mac #infostealers in #ClickFix attack
#cybersecurity #AI #MacOS #Apple #malvertising #advertising #GoogleAds
-
This campaign reinforces a critical shift: infostealers are no longer just credential hunters - they’re context harvesters.
AI agents storing plaintext memories, tokens, and configs create a rich target set for commodity malware. Once a host is compromised, attackers don’t need exploits - just file access.
💬 How should AI agent data be classified in security models?
🔔 Follow TechNadu for threat-focused, non-sensational analysis#InfoSec #ThreatModeling #AIrisk #Infostealers #EndpointSecurity #MaaS #TechNadu
-
Enterprise credentials exposed by infostealers #CyberSecurity #InfoStealers
https://betanews.com/article/enterprise-credentials-exposed-by-infostealers/
-
PcComponentes confirms incident was credential stuffing — not a system breach.
Attackers used historical infostealer logs to access accounts and scrape PII.
Thoughts?
#CredentialStuffing #Infostealers #InfoSec -
PcComponentes confirms incident was credential stuffing — not a system breach.
Attackers used historical infostealer logs to access accounts and scrape PII.
Thoughts?
#CredentialStuffing #Infostealers #InfoSec -
PcComponentes confirms incident was credential stuffing — not a system breach.
Attackers used historical infostealer logs to access accounts and scrape PII.
Thoughts?
#CredentialStuffing #Infostealers #InfoSec -
PcComponentes confirms incident was credential stuffing — not a system breach.
Attackers used historical infostealer logs to access accounts and scrape PII.
Thoughts?
#CredentialStuffing #Infostealers #InfoSec -
Researchers say a lone attacker accessed internal systems at around 50 companies worldwide using infostealer malware and stolen credentials, often where MFA was not enabled, and is offering the access for sale.
Read: https://hackread.com/lone-hacker-infostealers-global-companies-data/
-
На маркетплейсі Microsoft для Visual Studio Code знайшли два шкідливі розширення, які заражають машини розробників стилерами. Малвар вміє робити скріншоти, красти паролі та криптогаманці, а також перехоплювати браузерні сесії.
The VS Code Malware That Captures Your Screen | Koi Blog
https://www.koi.ai/blog/the-vs-code-malware-that-captures-your-screen -
The hidden costs of illegal streaming and modded Amazon Fire TV Sticks https://www.malwarebytes.com/blog/news/2025/11/illegal-streaming-is-costing-people-real-money-research-finds #infostealers #FireSticks #streaming #Threats #News
-
Lees tip -> Operatie Endgame schakelt grote cybernetwerken uit | In Operatie Endgame zijn grote cybernetwerken uitgeschakeld, met aanhoudingen, neergehaalde servers en verstoring van infostealers, botnets en RAT’s door internationale samenwerking. | #botnet #cybercrime #Europol #hacking #infostealers #internationalesamenwerking #OperatieEndgame #politie #ransomware #Rhadamanthys #VenomRAT |
https://hbpmedia.nl/operatie-endgame-cybernetwerken-uitgeschakeld/
-
Fake CAPTCHA sites now have tutorial videos to help victims install malware https://www.malwarebytes.com/blog/news/2025/11/fake-captcha-sites-now-have-tutorial-videos-to-help-victims-install-malware #infostealers #fakeCaptcha #clickfix #Threats #News
-
Rival hackers have doxxed the alleged operators behind #LummaStealer, one of the biggest data-theft malware services. The leaks have caused internal chaos and slowed its growth.
Read: https://hackread.com/rival-hackers-dox-lumma-stealer-operators/
-
How infostealers have changed the cybersecurity landscape #CyberSecurity #Infostealers
https://betanews.com/2025/10/22/how-infostealers-have-changed-the-cybersecurity-landscape/
-
A seemingly routine tool update could be a trap—malware like AMOS and Odyssey are stealthily targeting macOS developers and snatching credentials and source code. Are you prepared for this new wave of cyber threats?
https://thedefendopsdiaries.com/the-rise-of-infostealers-amos-and-odyssey-target-macos-developers/
#macossecurity
#infostealers
#cyberthreats
#amosmalware
#odysseymalware -
The Register: FileFix attacks use fake Facebook security alerts to trick victims into running infostealers. “An attack called FileFix is masquerading as a Facebook security alert before ultimately dropping the widely used StealC infostealer and malware downloader on Windows machines.”
-
The Register: FileFix attacks use fake Facebook security alerts to trick victims into running infostealers. “An attack called FileFix is masquerading as a Facebook security alert before ultimately dropping the widely used StealC infostealer and malware downloader on Windows machines.”
-
The Register: FileFix attacks use fake Facebook security alerts to trick victims into running infostealers. “An attack called FileFix is masquerading as a Facebook security alert before ultimately dropping the widely used StealC infostealer and malware downloader on Windows machines.”
-
I grew tired of feeling helpless against supply-chain attacks that steal credentials (#infostealers), so I created a program that reliably detects & stops them on macOS, Linux, and other OS's. What should I call it?
-
A major leak has revealed the operations behind North Korea’s state-linked IT workforce.
Slack logs and spreadsheets show how coders apply for remote gigs worldwide, sending back an estimated $600M/year to fund a heavily sanctioned regime.
#NorthKorea #CyberThreatIntel #Infostealers #sanctionsevasion #APT
-
A major leak has revealed the operations behind North Korea’s state-linked IT workforce.
Slack logs and spreadsheets show how coders apply for remote gigs worldwide, sending back an estimated $600M/year to fund a heavily sanctioned regime.
#NorthKorea #CyberThreatIntel #Infostealers #sanctionsevasion #APT
-
I have this low effort/quality blog, where I weekly post about infostealers: cryptolek.info. One of the sections in stealer posts is "Marketplace Updates," where I grab some numbers from the marketplaces, like numbers of victims based on stealers, top 5 countries, and Nordic countries.
2 weeks ago, I was chatting with a friend and decided I could just post numbers for all the countries. If you need numbers of victims per country on Russian Market and Exodus Market, for your "threat intel" needs, here's a CryptPad spreadsheet:
https://cryptpad.fr/sheet/#/2/sheet/view/Nb6mNBqf9DvzyI8BnlkjvTx-MwEmycXPsqHvrU22iUM/embed/ -
PC World: A U.S. startup is selling your stolen data to anyone with $50. “That company is Farnsworth Intelligence, an ‘open-source intel’ startup from 23-year-old founder Aidan Raney. And it’s not being coy about what it’s doing. The company’s primary consumer-level product is called ‘Infostealers,’ and it’s hosted at Infostealers.info. (Yup, what a URL.) According to an exposé from […]
-
Former #1 Movie Piracy Site “Strongly Linked” to Global Infostealer Activity
-
Artikel Cybercrimeinfo: https://www.ccinfo.nl/menu-onderwijs-ontwikkeling/cybercrime/2603946_156-meer-identiteitsdiefstal-hoe-phishing-as-a-service-en-infostealers-mfa-omzeilen-om-je-bankrekening-en-email-te-hacken
Podcast Spotify: https://open.spotify.com/episode/7tY2cjpUfysMeBiKTNkG4l?si=23f0908dcb314e27
Podcast Youtube: https://youtu.be/o0GcyXfFFGA
#identiteitsdiefstal #phishingasaservice #infostealers #cybercrime #Cybersecurity
-
Shellter Elite, built for ethical hackers, is now abused by cybercriminals after a customer leaked it.
Read: https://hackread.com/leaked-shellter-elite-tool-infostealer-attacks-worldwide/
#CyberSecurity #ShellterElite #CyberCrime #InfoStealers #Malware
-
Infostealers-as-a-Service Push Identity Hacks to Record Highs https://hackread.com/infostealers-as-a-service-identity-hacks-record-highs/ #IdentityProtection #Cybersecurity #PhishingScam #Infostealers #CyberAttack #Security #Phishing #security #Malware #Privacy
-
Infostealers-as-a-Service Push Identity Hacks to Record Highs https://hackread.com/infostealers-as-a-service-identity-hacks-record-highs/ #IdentityProtection #Cybersecurity #PhishingScam #Infostealers #CyberAttack #Security #Phishing #security #Malware #Privacy
-
Infostealers-as-a-Service Push Identity Hacks to Record Highs – Source:hackread.com https://ciso2ciso.com/infostealers-as-a-service-push-identity-hacks-to-record-highs-sourcehackread-com/ #1CyberSecurityNewsPost #IdentityProtection #CyberSecurityNews #cybersecurity #Infostealers #PhishingScam #CyberAttack #Hackread #Phishing #security #malware #privacy
-
Infostealers-as-a-Service Push Identity Hacks to Record Highs – Source:hackread.com https://ciso2ciso.com/infostealers-as-a-service-push-identity-hacks-to-record-highs-sourcehackread-com/ #1CyberSecurityNewsPost #IdentityProtection #CyberSecurityNews #cybersecurity #Infostealers #PhishingScam #CyberAttack #Hackread #Phishing #security #malware #privacy
-
Infostealers-as-a-Service and phishing kits push identity hacks to record highs with a 156% jump in login attacks, says new report.
Read: https://hackread.com/infostealers-as-a-service-identity-hacks-record-highs/
#CyberSecurity #Infostealers #Phishing #Malware #CyberAttack
-
Infostealers blamed for surge in identity attacks #CyberSecurity #Infostealers
https://betanews.com/2025/07/07/infostealers-blamed-for-surge-in-identity-attacks/
-
When Cybernews published an article about a 16 billion credentials leak, some of us strongly criticized the article as irresponsible and misleading journalism. Although some people have tried to suggest that the Cybernews article had some value in highlighting infostealers, the article was so riddled with falsehoods and misleading statements that the confusion and misunderstandings it created outweighs any benefit one might try to ascribe to it.
To his credit, @JayeLTee and a colleague have taken the time to analyze the datasets used in Cybernews‘ reporting and to fact-check their reporting with actual data and proof from their own research.
He has now written up their findings, in which they identified no less than five significant false claims by Cybernews. You can read his report here:
https://jltee.substack.com/p/fact-checking-claims-by-cybernews
-
As much as I generally detest claims that something should be a wake-up call, @lawrenceabrams response to @cybernews "16 billion" story really should be a wake-up call for any news outlets who repeat any claims of discovered leaks or breaches by Cybernews.
DataBreaches.net will no longer link to Cybernews unless there is some reliable source that confirms that their claims are accurate and that they are not just reporting on leaks that they haven't even seriously tried to get locked down before they report on it.
#journalism #databreach #dataleak #infostealers #passwords #hype #clickbait #ethics
-
Epic 16B login #leak nobody heard about | Cybernews
Several collections of login #credentials reveal one of the largest data breaches in history, totaling a humongous 16 billion exposed login credentials. The data most likely originates from various #infostealers.
#privacy #security #databreachhttps://cybernews.com/security/billions-credentials-exposed-infostealers-data-leak/
-
Billions of logins for Apple, Google, Facebook, Telegram, and more found exposed online https://www.malwarebytes.com/blog/news/2025/06/billions-of-logins-for-apple-google-facebook-telegram-and-more-found-exposed-online #logincredentials #infostealers #16billion #Privacy #News
-
Authorities carry out global takedown of infostealer used by cybercriminals - A consortium of global law enforcement agencies and tech com... - https://arstechnica.com/security/2025/05/authorities-carry-out-global-takedown-of-infostealer-used-by-cybercriminals/ #infostealers #infostealer #syndication #security #biz #cisa
-
NEW: Check Point’s April 2025 malware report reveals increasingly sophisticated attacks using familiar malware like FakeUpdates, Remcos, and AgentTesla. #Education remains the top targeted sector.
Read: https://hackread.com/fakeupdates-remcos-agenttesla-malware-attack-charts/
-
Lumma Stealer – Tracking distribution channels – Source: securelist.com https://ciso2ciso.com/lumma-stealer-tracking-distribution-channels-source-securelist-com/ #rssfeedpostgeneratorecho #MalwareDescriptions #MalwareTechnologies #CyberSecurityNews #Cryptocurrencies #IncidentResponse #Windowsmalware #securelistcom #Trojanstealer #Infostealers #Malvertizing #TIandIRposts #Phishing #Telegram #CAPTCHA #Malware #Trojan #Lumma #SOC
-
Lumma Stealer – Tracking distribution channels – Source: securelist.com https://ciso2ciso.com/lumma-stealer-tracking-distribution-channels-source-securelist-com/ #rssfeedpostgeneratorecho #MalwareDescriptions #MalwareTechnologies #CyberSecurityNews #Cryptocurrencies #IncidentResponse #Windowsmalware #securelistcom #Trojanstealer #Infostealers #Malvertizing #TIandIRposts #Phishing #Telegram #CAPTCHA #Malware #Trojan #Lumma #SOC
-
Lumma Stealer – Tracking distribution channels – Source: securelist.com https://ciso2ciso.com/lumma-stealer-tracking-distribution-channels-source-securelist-com/ #rssfeedpostgeneratorecho #MalwareDescriptions #MalwareTechnologies #CyberSecurityNews #Cryptocurrencies #IncidentResponse #Windowsmalware #securelistcom #Trojanstealer #Infostealers #Malvertizing #TIandIRposts #Phishing #Telegram #CAPTCHA #Malware #Trojan #Lumma #SOC
-
Lumma Stealer – Tracking distribution channels – Source: securelist.com https://ciso2ciso.com/lumma-stealer-tracking-distribution-channels-source-securelist-com/ #rssfeedpostgeneratorecho #MalwareDescriptions #MalwareTechnologies #CyberSecurityNews #Cryptocurrencies #IncidentResponse #Windowsmalware #securelistcom #Trojanstealer #Infostealers #Malvertizing #TIandIRposts #Phishing #Telegram #CAPTCHA #Malware #Trojan #Lumma #SOC
-
Arcane stealer: We want all your data – Source: securelist.com https://ciso2ciso.com/arcane-stealer-we-want-all-your-data-source-securelist-com/ #rssfeedpostgeneratorecho #MalwareDescriptions #MalwareTechnologies #CyberSecurityNews #Malwarereports #securelistcom #Trojanstealer #Infostealers #Webthreats #datatheft #Discord #YouTube #Arcane #Trojan
-
Understanding the ClickFix Phishing Threat to the Hospitality Industry
#clickfix
#phishingthreat
#hospitalitysecurity
#cyberdefense
#infostealers -
Understanding the ClickFix Phishing Threat to the Hospitality Industry
#clickfix
#phishingthreat
#hospitalitysecurity
#cyberdefense
#infostealers -
Macs targeted by info stealers in new era of cyberthreats https://www.malwarebytes.com/blog/apple/2025/02/macs-targeted-by-info-stealers-in-new-era-of-cyberthreats #Atomicstealer #infostealers #poseidon #Apple #amos
