A "multi-faceted campaign" has been observed abusing legitimate services like GitHub and FileZilla to deliver an array of stealer malware and banking trojans such as Atomic (aka AMOS), Vidar, Lumma (aka LummaC2), and Octo by impersonating credible software like 1Password, Bartender 5, and Pixelmator Pro. Multiple malware variants suggest a broad cross-platform targeting strategy, while the overlapping C2 infrastructure points to a centralized command setup, possibly increasing the efficiency of
stealer malware (3)
A new "All-in-One" stealer malware named EvilExtractor (also spelled Evil Extractor) is being marketed to other threat actors to steal data and files from Windows systems. It includes several modules that all work via an FTP service. The new stealer also contains environment checking and Anti-VM functions. Its primary purpose seems to be to steal browser data and information from compromised endpoints and then upload it to the attacker's FTP server.
The researchers said they observed a surge
Recently, cyber threat actors have been observed using AI-generated YouTube Videos to spread various stealer malware such as Raccoon, RedLine, and Vidar. The videos lure users by pretending to be tutorials on downloading cracked software versions such as Photoshop, Premiere Pro, Autodesk 3ds Max, AutoCAD, and other licensed products available only to paid users. Nothing is free on the Internet; you may be paying with a malware infection.