All things infostealers. Week 46, 2024


A brief look at all things infostealers for week 46, 2024 (11.11.2024–17.11.2024). This week was interesting primarily because of vendor articles about the discovery of new infostealers. As for our old folks, I have kinda spotted 3 updates: Vidar, Xerph and MintStealer. The latter announced that it will release the stealer on 18th November. In addition, several infostealer devs posted on the XSS forum saying that they have too many updates in their products and are not posting every update.

Vidar Update

Note: The update posts are copy-pasted as is (and machine-translated if the post wasn’t available in English).

Update 11.6

Fixed few bugs and updated proxies

Fixed:

  1. Fixed google token collection
  2. Optimized cookie collection
  3. Changed proxies and cleaned up the build

Screenshot from XSS forum

Xerph Update

Note: The update posts are copy-pasted as is (and machine-translated if the post wasn’t available in English).

**Xerph 1.1.3 Loader + Stealer (Update)** >>
*Changes:*
Added +5 more recoverable wallets:
TerracoinCore
Terracoin
Infinitecoin
Goldcoin
Devcoin
Added +2 more recoverable browsers:
Opera Stable
Opera GX

Screenshot from XSS forum

MintStealer Update

Announcement of the MintStealer release, scheduled for 18 November 2024.

Screenshot from MintStealer’s Telegram channel

Articles/News

New PXA Stealer targets government and education sectors for sensitive information

  • https://blog.talosintelligence.com/new-pxa-stealer/

Glove Stealer: Leveraging IElevator to Bypass App-Bound Encryption & Steal Sensitive Data

  • https://www.gendigital.com/blog/insights/research/glove-stealer

Strela Stealer: Today’s invoice is tomorrow’s phish

  • https://securityintelligence.com/x-force/strela-stealer-todays-invoice-tomorrows-phish/