-
mac.c macOS Stealer
On 14 March 2025, a user “mentalpositive” on XSS Forum posted a thread advertising a new macOS infostealer. Below is the machine translation of the user’s forum post, with minor edits by me. [Screenshot from XSS Forum: user advertises the new infostealer] mac.c macOS Stealer is a stealer for devices running the macOS operating…
-
Nightly claims to have access to Commercial Bank of Qatar
A user on the Russian-speaking forum XSS claims to have access to a database of Commercial Bank of Qatar. The user, who goes by the name of nightly, has made a thread with minimal information about the access and hasn’t shared any (sample/full) data yet. However, given the past behaviour of the user, we can…
-
Okta Source Code Leak
A user on the XSS forum, named nightly, has started a thread “Okta Source Code”, where they have shared some screenshots which allegedly depict their access. Might update this post if I have time to analyse or get more info. [Screenshot from XSS forum] Below are screenshots shared by the user on the XSS forum:
-
All things infostealers. Week 43, 2024
A brief look at all things infostealers for week 43, 2024 (21.10.2024–27.10.2024). My, my, during week 43 a number of updates to several infostealers were observed. As usual, I added a few articles and news pieces that were interesting, especially the “Braodo Stealer” one; I haven’t heard about such a stealer before. XFiles Update Note: The update posts are…
-
All things infostealers. Week 41, 2024
A brief look at all things infostealers for week 41, 2024 (07.10.2024–13.10.2024). Includes an update on the XFiles, Lumma, StealC and Vidar stealers, and a news article on a Ukrainian national pleading guilty to his involvement in the Raccoon Stealer. XFiles Update Note: The update post is copy-pasted as is from the XSS forum Update 3.11.0 08.10.2024**A…
-
All things infostealers. Week 40, 2024
A brief look at all things infostealers for week 40, 2024 (30.09.2024–06.10.2024). Includes an update on the Lumar and XFiles stealers, the source code sale of a stealer, the emergence of a new logs market, and finally, a news article on an AI ‘Nudify’ site, which led to RedLine infections. XFiles Update 3.10.0 Note: The update post is…
-
Yet another stealer targeting macOS
It seems that infostealer developers are paying more and more attention to the macOS user base (or rather victim base). In the recent past, a few strains of infostealer malware targeting the macOS platform were found operating, and there are some deeper analyses of the malware by security vendors. Recently, while browsing the infamous XSS forum, I stumbled…