A brief look at all things infostealers for week 46, 2024 (11.11.2024–17.11.2024). This week was interesting primarily because of vendor articles about the discovery of new infostealers. And when it comes to our old folks, I have kinda spotted 3 updates: Vidar, Xerph and MintStealer. The latter announced that its stealer will be released on 18 November. In addition, several infostealer devs posted on the XSS forum saying that they have too many updates to their products and are not posting every update.
Vidar Update
Note: The update posts are copy-pasted as is (and machine-translated if the post wasn’t available in English).
Update 11.6
Fixed few bugs and updated proxies
Fixed:
- Fixed google token collection
- Optimized cookie collection
- Changed proxies and cleaned up the build
Screenshot from XSS forum
Xerph Update
Note: The update posts are copy-pasted as is (and machine-translated if the post wasn’t available in English).
**Xerph 1.1.3 Loader + Stealer (Update) >>**
*Changes:*
Added +5 more recoverable wallets:
TerracoinCore
Terracoin
Infinitecoin
Goldcoin
Devcoin
Added +2 more recoverable browsers:
Opera Stable
Opera GX
Screenshot from XSS forum
MintStealer Update
Announcement of the MintStealer release, scheduled for 18 November 2024.
Screenshot from MintStealer’s Telegram channel
Articles/News
New PXA Stealer targets government and education sectors for sensitive information
- https://blog.talosintelligence.com/new-pxa-stealer/
Glove Stealer: Leveraging IElevator to Bypass App-Bound Encryption & Steal Sensitive Data
- https://www.gendigital.com/blog/insights/research/glove-stealer
Strela Stealer: Today’s invoice is tomorrow’s phish
- https://securityintelligence.com/x-force/strela-stealer-todays-invoice-tomorrows-phish/