infostealers Archives

Tech Optimizer

June 13, 2025

It’s time to stop believing these lies about antivirus software

The proliferation of social media misinformation, deep fakes, and sophisticated phishing attacks has made online safety challenging. Many individuals hold outdated beliefs about cybersecurity, such as the myth that Macs are immune to viruses and that caution alone can replace antivirus software. Regardless of the operating system, using a robust antivirus program is recommended, as built-in security features are not foolproof. Third-party antivirus software can provide additional functionalities like parental controls and VPN services, but they are not a complete safety net. Users must remain vigilant and practice good cybersecurity hygiene, including regular scans, strong passwords, and recognizing phishing attempts. Modern antivirus programs have become more user-friendly and less resource-intensive. Some malware can operate stealthily, making detection difficult, which emphasizes the need for regular scans and monitoring personal accounts for unusual activity. Antivirus protection should extend to mobile devices as well, as they are also vulnerable to cyber threats. Users should check if their antivirus program covers mobile devices and familiarize themselves with security settings on their smartphones.

AppWizard

June 11, 2025

Experts warn GTA and Minecraft being used to lure in cyberattack victims – here’s how to stay safe

Cybersecurity experts have reported a significant increase in game-themed malware targeting the gaming community, especially younger players. From April 1, 2024, to March 31, 2025, there were over 19 million attempts to download malicious files disguised as popular games, affecting around 400,000 individuals globally. Grand Theft Auto V (GTA V) was the most targeted game, with nearly 4.5 million attack attempts, followed by Minecraft with 4.1 million, Call of Duty (CoD) with 2.6 million, and The Sims with 2.4 million. Cybercriminals exploit established games and lure victims with fake offers, often leading to infostealers, cryptocurrency hijackers, backdoors, and Trojans. Kaspersky advises gamers to avoid pirated content and be cautious of suspicious offers.

Tech Optimizer

April 30, 2025

Malwarebytes Launches Global Strategic Partner Program Offering Organizations a One-stop Shop for Personal Security, Privacy, and Identity Solutions

Malwarebytes has launched a partnership initiative aimed at providing financial institutions, HR benefit providers, and internet service providers with personal security, privacy, and identity solutions in response to rising online fraud, which has led to financial losses of .5 billion over the past year for one in three individuals. The program offers AI-powered consumer security solutions to protect devices from various threats and allows partners to choose from a range of options or create custom solutions. Key features include a comprehensive cybersecurity platform, advanced mobile security, and flexible integration options. Eero is one of the first partners to integrate Malwarebytes Premium Security into its eero Plus subscription service, enhancing online security for its subscribers.

Winsage

April 20, 2025

587 Windows Vulnerabilities — A Microsoft Security Record Breaker

Microsoft has reported a record number of 1,360 security vulnerabilities for its products in 2024, marking an 11% increase from 2023. This includes 587 vulnerabilities in Windows (33 classified as critical) and 684 in Windows Server (43 classified as critical). The increase in reported vulnerabilities suggests that security researchers are effectively identifying weaknesses, and Microsoft has invested over a million dollars in bounties to encourage this. The proactive communication and remediation process during Patch Tuesday enhances security, indicating that Microsoft is committed to addressing vulnerabilities rather than being indifferent to user security.

Tech Optimizer

April 18, 2025

Breached Identities and Infostealers: One of the Largest Ongoing Data Leak in History

Breached identities due to infostealer malware are a significant threat to corporate information security in 2024. Infostealers are a type of remote access trojan that exfiltrate sensitive data, including saved credentials, session cookies, browser history, crypto wallet information, screen captures, and host data. Infections often stem from downloading cracked software, malicious advertising, fake Windows updates, and repackaged games. Infostealers do not require local administrative privileges, making them easy to execute. Threat actors primarily aim to profit from breached bank accounts and crypto wallets, often bypassing multi-factor authentication by targeting session cookies. They also seek credentials for subscription services and corporate access. Research shows that 90% of breached companies had leaked corporate credentials in a stealer log, with 78% experiencing leaks within six months of a breach. In comparison, 76% of similar companies without breaches had experienced a corporate stealer log compromise. The investigation identified high-criticality credentials from various corporate applications, indicating that a single user often has access to multiple credentials. The rise of infostealer malware represents a broad threat, encompassing a wide range of sensitive data. Organizations are advised to implement strategies such as restricting download privileges, avoiding illegal content, disabling macros, and regularly updating software to mitigate risks associated with infostealer malware.

Tech Optimizer

March 27, 2025

This dangerous new Windows malware hides from your antivirus while impersonating a popular PC brand

A new strain of malware called CoffeeLoader targets Windows users by pretending to be an ASUS utility, specifically imitating ASUS's Armoury Crate. It has sophisticated evasion techniques that allow it to bypass antivirus software. Once installed, it deploys infostealers like Rhadamanthys Infostealer to extract sensitive information. CoffeeLoader operates undetected by executing code on the GPU instead of the CPU, using Call Stack Spoofing to disguise its activities, and employing Sleep Obfuscation to encrypt itself in memory when inactive. It also exploits Windows Fibers to evade detection. To protect against CoffeeLoader, users should download Armoury Crate only from the official ASUS website and be cautious of deceptive links and ads that may lead to malware installation.

AppWizard

March 24, 2025

Malicious Game Infects Steam Users With Info-Stealing Malware

Steam removed the game Sniper: Phantom's Resolution due to a security breach involving malware designed to extract sensitive user information. The malware was disguised as a legitimate Windows process and employed tactics like executing Node.js scripts and establishing startup persistence. A month earlier, another game, PirateFi, was found to be spreading the Vidar infostealer, affecting up to 1,500 users. Both incidents highlight the risks associated with malware hosted on trusted platforms like Steam, which may exploit vulnerabilities in submission processes. Users often identified suspicious behavior before the platforms did, indicating delayed detection and response times. The lack of timely communication regarding breaches further exacerbates user concerns.

Tech Optimizer

March 18, 2025

FBI: Free file converter sites and tools deliver malware

Malware peddlers are targeting users searching for free file converter services, as reported by the FBI’s Denver Field Office. Cyber criminals use deceptive websites that promise file conversion but may deliver malware, allowing unauthorized access to victims' computers and extracting personal identifying information (PII), banking details, and passwords. Users are advised to keep antivirus software updated and scan downloaded files. A list of flagged domains includes: - Imageconvertors[.]com (Phishing) - Convertitoremp3[.]it (Riskware) - Convertisseurs-pdf[.]com (Riskware) - Convertscloud[.]com (Phishing) - Convertix-api[.]xyz (Trojan) - Convertallfiles[.]com (Adware) - Freejpgtopdfconverter[.]com (Riskware) - Primeconvertapp[.]com (Riskware) - 9convert[.]com (Riskware) - Convertpro[.]org (Riskware) Users affected by malware are encouraged to contact their financial institutions and change passwords.

Tech Optimizer

March 12, 2025

Malware steals bank cards and passwords from millions of devices

Infostealer malware has become a major cybersecurity threat, with around 25 million users targeted between early 2023 and the end of 2024. These malware variants capture sensitive information, including bank card details and passwords, with nearly 26 million devices affected during this period, resulting in over 2 million unique bank card details leaked. One in every 14 infections compromised bank card data, passwords, and second-factor authentication cookies. In 2024, infections increased significantly, with RisePro's share rising from 1.4% to 22.45% and Stealc from 2.65% to 13.33%. Redline remained the most prevalent infostealer, responsible for 34.36% of infections. By August 2024, an estimated 15.9 million devices had been affected in 2023, increasing to 16.49 million by March 2025. Over 9 million infections were tracked in 2024, with final counts expected to exceed those of 2023. To protect sensitive information, it is recommended to invest in robust antivirus software, use virtual cards for online transactions, set up transaction alerts and spending limits, avoid storing card details in browsers, use strong and unique passwords, and consider personal data removal services.

Tech Optimizer

March 3, 2025

New malware exploits fake updates to steal data

Recent developments indicate that Mac users are facing an escalating threat from malware designed for macOS systems, particularly with the emergence of a strain called FrigidStealer. This malware spreads through deceptive browser update prompts on compromised websites, leading users to download a malicious DMG file that seeks elevated privileges to steal sensitive information. Cybersecurity firm Proofpoint has traced the operations of FrigidStealer to two threat actors: TA2726, a traffic distribution service provider, and TA2727, which delivers the malware. This campaign also targets Windows and Android devices, indicating a multi-platform strategy. Additionally, the rise of infostealer malware has compromised approximately 330 million credentials in 2024, with around 3.9 billion credentials circulating from infostealer logs. Users are advised to adopt protective measures, including being cautious of fake software updates, enabling two-factor authentication, using password managers, and exercising caution with downloads and links.