Information-stealing operations unveiled over the past 12 months have been gaining traction amid the continued dominance of the Raccoon, RedLine, and Vidar info stealers, according to BleepingComputer.
Included among the emergent info stealers is Titan, a Go-based stealer with the capability to exfiltrate data from 20 different web browsers, which has amassed more than 600 subscribers on its Telegram channel since its initial appearance in November, a KELA report showed. Operators of Titan have also been continuously updating the stealer, with the latest version released in March and an upcoming version teased the following month.
On the other hand, more than 70 browsers, two-factor authentication extensions, and cryptocurrency wallets are being targeted by the LummaC2 stealer, which has been sold via RussianMarket in February after being rebooted on Telegram in January.
More threat actors have also been using the Stealc stealer that features automated exfiltration for 75 plugins, 25 desktop wallets, and 22 web browsers, while the WhiteSnake stealer for Windows and Linux systems has gained more than 750 Telegram subscribers. Such stealers have been gaining traction due to competitive pricing, ensuring the continued popularity of malware-as-a-service operations, said KELA researchers.
Malicious updates have been recently issued to the Python Package Index package "django-log-tracker," which was last modified in April 2022, to facilitate the distribution of the Nova Sentinel information-stealing malware, The Hacker News reports.