All things infostealers. Week 49, 2024


A brief look at all things infostealers for week 49, 2024 (02.12.2024–08.12.2024). I was a bit too busy with new work and family stuff and forgot to update. The Lumma stealer was again pretty busy with updates, and StealC posted after a long radio silence.

Vidar Update

Note: The update posts are copy-pasted as is (and machine-translated if the post wasn’t available in English).

IMPORTANT UPDATE 12.0
Important updates that can’t be left out
What did we do?

  1. Fixed problems with deadlocks on WEB
  2. Fixed Steam collection
  3. Fixed bugs that could cause a crash
  4. Removed memory leaks
  5. Cleaned up build and proxies

Screenshot from XSS forum

Lumma Update

Note: The update posts are copy-pasted as is (and machine-translated if the post wasn’t available in English).

Update 2.12

  1. Cleaned up Windows Defender 10/11 + Cloud
  2. Fixed version saving in form when uploading a build
  3. Fixed unloading when file name had a long name

Screenshot from XSS forum

Update 4.12

  1. Added ability to unload only application data from the entire log (up to 5000 logs)
  2. Added ProtonVPN, Azure applications to the search
  3. Added saving of application selection during search
  4. Added activator by process to loader, available only for “Corporate” plan
  5. Added Blade Wallet crypto extension collection
  6. Improved cookie collection in Chromium browsers
  7. Cleanup Windows Defender 10/11 + Cloud
  8. Fixed a bug where the market bot would hang when clicking on the search button among all logs
  9. Fixed knock in Telegram when selecting filters
  10. Fixed an error when the upload status hung at 100% for some users

Screenshot from XSS forum

Update 8.12

  1. Improved data collection for url search
  2. Added search by any application (output logs where there is at least some application)
  3. Added display of unloading process for Workers
  4. Added possibility to leave a note when restoring token
  5. Added collecting and decrypting passwords from TightVNC, RealVNC, WinVNC, TigerVNC, UltraVNC
  6. Added collection of credentials from Google Cloud
  7. Improved Steam collection
  8. Improved collection of installed applications
  9. Cleaned WD 10/11 + Cloud
  10. Fixed loss of knocking when victim has certain browsers

Screenshot from XSS forum

StealC Update

Note: The update posts are copy-pasted as is (and machine-translated if the post wasn’t available in English).

stealc v1.12.2 update

list of changes:
build:

  • improving data collection from Chromium
  • bug fixes in code

Screenshot from XSS forum

Articles/News

Pirated corporate software infects Russian businesses with info-stealing malware

  • https://therecord.media/russia-businesses-pirated-corporate-software-redline-infostealer-malware