All things infostealers. Week 2, 2025


A brief look at all things infostealers for the week 2, 2025 (06.01.2025–12.01.2025). This week observed updates in LummaC2 and MintStealer infostealers. Grabbed some meaningless numbers from marketplaces and have some interesting reports about stealers.

Infostealer Updates

LummaC2

Note: The update posts are copy-pasted as is (and machine-translated if post wasn’t available in English)

Update 7.01

  1. Fixed a bug where the search page might not open without results
  2. Fixed “No duplicates” search
  3. Fixed a bug where random characters could be added when changing the address in the clipper
  4. Replaced common gaskets
  5. Cleaning WD 10/11 + Cloud

Screenshot from XSS forum

Mint Stealer

Note: The update posts are copy-pasted as is (and machine-translated if post wasn’t available in English)

Dear Mint Stealer customers,

The version 1.2.1 (beta 2) of mint stealer is OUT, what’s new?
● reFUD
● Adding Discord token in archive with details like if nitro or not… (was only on the panel)
● Adding Discord token in parsed (only tokens without details)
● Fix Chrome/Edge Cookies parsing
● Fix realtime detections with CMD/PS1 commands (we will use Win32API instead)
● Rename Roblox [LAUNCHER] to Roblox Launcher
● Rename Category to Parsed
and some other things (would be a too long list)

Screenshot from Telegram channel

Marketplace Updates

This section provides some numbers taken from the marketplaces, which include numbers of victims based on stealers, top 5 countries, and the victim numbers in the countries of the Nordic region.

RussianMarket

Stealers by number of victims
Stealer nameNumber of victims
Lumma6,276,516
RisePro1,430,579
Vidar1,293,232
StealC999,432
RedLine790,822
Raccoon331,071
Top 5 countries by number of victims
CountryNumber of victims
India1,071,799
Brazil894,862
Indonesia590,277
Egypt568,457
Pakistan550,685
Nordic region countries
CountryNumber of victims
Sweden17,709
Denmark9,381
Norway7,266
Finland6,326
Iceland896
Faroe83
Åland14

ExodusMarket

Stealers by number of victims
Stealer nameNumber of victims
RedLine82,816
Lumma38,044
Vidar56
Unknown10
Top 5 countries by number of victims
CountryNumber of victims
Peru7,306
Turkey7,182
India6,308
Pakistan6,285
Vietnam5,824
Nordic region countries
CountryNumber of victims
Norway144
Sweden96
Denmark47
Finland44
Iceland10

Articles/News

Information Stealer Masquerades as LDAPNightmare (CVE-2024-49113) PoC Exploit

  • https://www.trendmicro.com/en_us/research/25/a/information-stealer-masquerades-as-ldapnightmare-poc-exploit.html

Cracking the Code: How Banshee Stealer Targets macOS Users

  • https://blog.checkpoint.com/research/cracking-the-code-how-banshee-stealer-targets-macos-users/