Info Stealer
What is Info Stealer?
Info Stealer: Malware that harvests credentials, cookies, tokens, crypto wallets, and other sensitive data from an infected device and exfiltrates it to the attacker.
An info stealer is a malware family focused on quickly gathering and exfiltrating data of value rather than on long-term persistence; many variants run once, upload what they found and never need to survive a reboot. Typical targets include saved browser passwords, autofill data, session cookies and OAuth tokens, FTP/SSH client configurations and keys, cryptocurrency wallets, and messaging app data. Stolen session cookies are especially damaging because replaying them in the attacker's browser skips the login and any MFA challenge entirely. The collected "logs" (one victim's bundle of credentials, cookies and system fingerprint) are sold on underground markets and frequently fuel later intrusions, including ransomware. Distribution channels include phishing, cracked software, malicious ads, and drive-by downloads. Defences include endpoint protection with stealer signatures and behavioural rules for processes that read credential stores, phishing-resistant authentication such as FIDO2 and hardware-bound tokens that cannot be replayed from a stolen log, browser isolation, password managers in place of browser-saved passwords, monitoring underground markets for leaked logs, and, after detection, not only a password reset but revocation of every active session and token, since the attacker already holds the cookies that the old password was protecting.
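The behavioural rule mentioned above, as an added example that is not code from the original page: a detector that scans simplified file-access telemetry for processes reading the credential stores, wallet directories and client configurations stealers target, and raises a separate "sweep" alert when one process reads several categories in a row, which is the harvesting pattern of a stealer rather than of a backup agent touching a single store. The event shape, the sample events and the owner-process baseline are assumptions constructed for the demo; the artefact paths are the products' default locations.

```python
"""Behavioural detection for info-stealer harvesting (added example).

FileAccessEvent is a simplified, constructed telemetry record, not a specific
EDR schema. Artefact paths are default locations; the owner process names are
an assumed baseline that a defender tunes per fleet.
"""
import re
from collections import defaultdict
from dataclasses import dataclass

# (path pattern, artefact label, processes expected to read it)
SENSITIVE_ARTEFACTS = [
    (re.compile(r"\\Google\\Chrome\\User Data\\.*\\(Login Data|Cookies|Web Data)$", re.I),
     "Chrome credential/cookie store", {"chrome.exe"}),
    (re.compile(r"\\Google\\Chrome\\User Data\\Local State$", re.I),
     "Chrome master key (Local State)", {"chrome.exe"}),
    (re.compile(r"\\Mozilla\\Firefox\\Profiles\\[^\\]+\\(logins\.json|key4\.db|cookies\.sqlite)$", re.I),
     "Firefox credential/cookie store", {"firefox.exe"}),
    (re.compile(r"\\Exodus\\exodus\.wallet\\", re.I), "Exodus wallet", {"exodus.exe"}),
    (re.compile(r"\\Electrum\\wallets\\", re.I), "Electrum wallet", {"electrum.exe"}),
    (re.compile(r"\\Telegram Desktop\\tdata\\", re.I), "Telegram session data", {"telegram.exe"}),
    (re.compile(r"\\FileZilla\\(sitemanager|recentservers)\.xml$", re.I),
     "FileZilla saved logins", {"filezilla.exe"}),
    (re.compile(r"\\\.ssh\\id_(rsa|ed25519|ecdsa)$", re.I),
     "SSH private key", {"ssh.exe", "ssh-add.exe"}),
]


@dataclass(frozen=True)
class FileAccessEvent:
    host: str
    user: str
    process: str        # image name of the process that opened the file
    process_path: str   # full image path (stealers usually run from %TEMP% or Downloads)
    path: str           # file opened for read


def classify_path(path):
    """Return (artefact label, owner process names) if path is a stealer target, else None."""
    for pattern, label, owners in SENSITIVE_ARTEFACTS:
        if pattern.search(path):
            return label, owners
    return None


def detect(events, sweep_threshold=3):
    """Return (per-event alerts, sweep alerts).

    Event alert: a process that does not own an artefact read it.
    Sweep alert: one process read >= sweep_threshold distinct artefact
    categories, the harvesting pattern of a stealer.
    """
    alerts = []
    touched = defaultdict(set)          # (host, process_path) -> artefact labels read
    for ev in events:
        hit = classify_path(ev.path)
        if hit is None:
            continue
        label, owners = hit
        if ev.process.lower() in owners:
            continue                    # the owning application reading its own store
        alerts.append({"host": ev.host, "user": ev.user, "process": ev.process_path,
                       "artefact": label, "path": ev.path})
        touched[(ev.host, ev.process_path)].add(label)
    sweeps = {key: sorted(labels) for key, labels in touched.items()
              if len(labels) >= sweep_threshold}
    return alerts, sweeps


# Constructed telemetry for the demo, not real captures.
STEALER_IMAGE = r"C:\Users\alice\AppData\Local\Temp\setup_x64.exe"
SAMPLE_EVENTS = [
    FileAccessEvent("WS01", "alice", "chrome.exe", r"C:\Program Files\Google\Chrome\Application\chrome.exe",
                    r"C:\Users\alice\AppData\Local\Google\Chrome\User Data\Default\Login Data"),
    FileAccessEvent("WS01", "alice", "firefox.exe", r"C:\Program Files\Mozilla Firefox\firefox.exe",
                    r"C:\Users\alice\AppData\Roaming\Mozilla\Firefox\Profiles\ab12cd34.default-release\logins.json"),
    # an unsigned binary dropped in %TEMP% sweeps every store within seconds
    FileAccessEvent("WS01", "alice", "setup_x64.exe", STEALER_IMAGE,
                    r"C:\Users\alice\AppData\Local\Google\Chrome\User Data\Local State"),
    FileAccessEvent("WS01", "alice", "setup_x64.exe", STEALER_IMAGE,
                    r"C:\Users\alice\AppData\Local\Google\Chrome\User Data\Default\Login Data"),
    FileAccessEvent("WS01", "alice", "setup_x64.exe", STEALER_IMAGE,
                    r"C:\Users\alice\AppData\Roaming\Mozilla\Firefox\Profiles\ab12cd34.default-release\logins.json"),
    FileAccessEvent("WS01", "alice", "setup_x64.exe", STEALER_IMAGE,
                    r"C:\Users\alice\AppData\Roaming\Exodus\exodus.wallet\seed.seco"),
    FileAccessEvent("WS01", "alice", "setup_x64.exe", STEALER_IMAGE,
                    r"C:\Users\alice\AppData\Roaming\Telegram Desktop\tdata\key_datas"),
    # a backup agent copying one wallet directory: alerted on, but not a sweep
    FileAccessEvent("WS02", "bob", "backupd.exe", r"C:\Program Files\Acme Backup\backupd.exe",
                    r"C:\Users\bob\AppData\Roaming\Electrum\wallets\default_wallet"),
]

if __name__ == "__main__":
    event_alerts, sweep_alerts = detect(SAMPLE_EVENTS)
    for a in event_alerts:
        print(f"[{a['host']}] {a['process']} read {a['artefact']}: {a['path']}")
    for (host, proc), labels in sweep_alerts.items():
        print(f"[{host}] SWEEP by {proc}: {len(labels)} categories -> {', '.join(labels)}")
```

On the sample data the browsers reading their own stores produce nothing, the backup agent produces one event alert, and the dropped binary produces five event alerts plus a sweep alert covering five categories. The sweep threshold is the knob that separates an occasional legitimate reader from a harvester; the per-event alerts still fire for the single wallet read, which is where a backup-agent allowlist entry would go once it has been verified.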
● Examples
- RedLine Stealer harvesting browser logins and crypto wallets.
- Vidar or Raccoon Stealer logs sold on underground marketplaces.
● Frequently asked questions
What is Info Stealer?
Malware that harvests credentials, cookies, tokens, crypto wallets, and other sensitive data from an infected device and exfiltrates it to the attacker. It belongs to the Malware category of cybersecurity.
How do you defend against Info Stealer?
Defences for Info Stealer combine technical controls (endpoint protection with stealer detections, phishing-resistant authentication such as FIDO2 and hardware-bound tokens, browser isolation, and password managers instead of browser-saved credentials) with operational practices (monitoring underground markets for leaked logs, and resetting passwords and revoking active sessions and tokens as soon as an infection is found, since stolen cookies remain valid until they are invalidated).
What are other names for Info Stealer?
Common alternative names include: Stealer, Information stealer.