the all-around infostealer hub.

To completely understand what’s going on in a market that has been growing in the last years I found mandatory to know which players are dominating it. Always remember that behind every user of the Internet there is another human like you, so if you can be kind enough to reach them and they agree, you can have a little

What is an Infostealer? An infostealer is a type of malware designed to stealthily extract sensitive information from infected devices. It operates in the background, collecting data such as login credentials, financial details, and personal information, which hackers can then use for identity theft, financial fraud, or selling on the dark web. These infections often spread through phishing emails, malicious

With cyber espionage on the rise, opportunistic Infostealer malware, designed to harvest credentials indiscriminately, is being repurposed by Advanced Persistent Threat (APT) groups to devastating effect. Hudson Rock‘s threat intelligence reveals a global wave of compromised Ministry of Foreign Affairs (MOFA) email accounts, from Saudi Arabia’s mofa.gov.sa to South Korea’s mail.mofa.go.kr, the United Arab Emirates’ mofa.gov.ae, Qatar’s mofa.gov.qa, and others,

Atomic macOS Stealer (AMOS), a popular piece of stealer malware for macOS, has just received a major update. For the first time, it’s being deployed with an embedded backdoor. This change allows attackers to maintain persistent access to a victim’s Mac, run arbitrary tasks from remote servers, and gain extended control over compromised machines. This represents the highest level of

At SINCON 2025 in Singapore, Leonid Rozenberg sat down with cyber journalist Jane Lo for a brief but powerful 15-minute interview that catches you up on the latest Infostealer-related threats, trends, and developments.

In a cyberattack that underscores the destructive power of infostealer malware, Hy-Vee, a prominent U.S. supermarket chain, has been hit by a massive data breach courtesy of the Stormous ransomware group. The attackers claim they’ve infiltrated Hy-Vee’s Atlassian accounts, specifically Confluence and Jira, using stolen credentials, Hudson Rock traced back these credentials to various Infostealer infections of Hy-Vee employees. This