A brief look at all things infostealers for week 49, 2024 (02.12.2024–08.12.2024). I was a bit too busy with new work and family stuff and forgot to update. The Lumma stealer was again pretty busy with updates, and StealC posted after a long radio silence.
Vidar Update
Note: The update posts are copy-pasted as is (and machine-translated if the post wasn’t available in English)
IMPORTANT UPDATE 12.0
Important updates that can’t be left out
What did we do?
- Fixed problems with deadlocks on WEB
- Fixed Steam collection
- Fixed bugs that could cause a crash
- Removed memory leaks
- Cleaned up build and proxies
Screenshot from XSS forum
Lumma Update
Update 2.12
- Cleaned up Windows Defender 10/11 + Cloud
- Fixed version saving in form when uploading a build
- Fixed unloading when file name had a long name
Screenshot from XSS forum
Update 4.12
- Added ability to unload only application data from the entire log (up to 5000 logs)
- Added ProtonVPN, Azure applications to the search
- Added saving of application selection during search
- Added activator by process to loader, available only for “Corporate” plan
- Added Blade Wallet crypto extension collection
- Improved cookie collection in Chromium browsers
- Cleanup Windows Defender 10/11 + Cloud
- Fixed a bug where the market bot would hang when clicking on the search button among all logs
- Fixed knock in Telegram when selecting filters
- Fixed an error when the upload status hung at 100% for some users
Screenshot from XSS forum
Update 8.12
- Improved data collection for url search
- Added search by any application (output logs where there is at least some application)
- Added display of unloading process for Workers
- Added possibility to leave a note when restoring token
- Added collecting and decrypting passwords from TightVNC, RealVNC, WinVNC, TigerVNC, UltraVNC
- Added collection of credentials from Google Cloud
- Improved Steam collection
- Improved collection of installed applications
- Cleaned WD 10/11 + Cloud
- Fixed loss of knocking when victim has certain browsers
Screenshot from XSS forum
StealC Update
stealc v1.12.2 update
list of changes:
build:
- improving data collection from Chromium
- bug fixes in code
Screenshot from XSS forum
Articles/News
Pirated corporate software infects Russian businesses with info-stealing malware
- https://therecord.media/russia-businesses-pirated-corporate-software-redline-infostealer-malware