X-Industry

Many game makers allow users to alter a game's appearance or behavior to increase its enjoyment and replay value.  Players can often also download packages created by others.  However, this is also a chance for attackers to distribute their malware. The below report examines a batch stealer distributed via a crafted Minecraft source pack.

The zEus stealer malware has been added to a source pack shared on YouTube. The name—zEus—is from a previous variant of this malware. The variant (d9d394cc2a74

Cybersecurity researchers have identified an updated version of a macOS information stealer called Atomic (or AMOS), indicating that the threat actors behind the malware are actively enhancing its capabilities. It looks like Atomic Stealer was updated around mid to late December 2023, where its developers introduced payload encryption to bypass detection rules.

Atomic Stealer first emerged in April 2023 for a monthly subscription of $1,000. It's capable of harvesting sensitive information from a

A new malware loader is being used by threat actors to deliver a wide range of information stealers such as Lumma Stealer (aka LummaC2), Vidar, RecordBreaker (aka Raccoon Stealer V2), and Rescoms.  This malware is a loader with three types of components: a downloader that downloads an encrypted payload, a loader that runs the payload from internal resources, and another loader that runs the payload from an external file on the disk.  Telemetry data gathered by investigators shows that detections