CyberGlossary

Malware

Info Stealer

Also known as: Stealer, Information stealer

Definition

Malware that harvests credentials, cookies, tokens, crypto wallets, and other sensitive data from an infected device and exfiltrates it to the attacker.

An info stealer is a malware family focused on quickly gathering and exfiltrating data of value rather than maintaining long-term persistence. Typical targets include saved browser passwords, autofill data, session cookies and OAuth tokens, credentials stored by FTP/SSH clients, cryptocurrency wallets, and messaging app data. The stolen "logs" are then sold on underground markets and frequently fuel later intrusions, including ransomware, because the cookies and tokens they contain let a buyer take over sessions without needing the password or a second factor. Distribution channels include phishing, cracked software, malicious ads, and drive-by downloads. Defences include endpoint protection with stealer signatures, hardware-bound tokens and FIDO2, browser isolation, password managers, monitoring underground markets for leaks, and prompt password and session resets after detection.

Examples

  • RedLine Stealer harvesting browser logins and crypto wallets.
  • Vidar or Raccoon Stealer logs sold on underground marketplaces.

Related terms