Overview of the Russian-speaking infostealer ecosystem: the logs.

This blog post aims at presenting the life cycle of logs, the cybercrime marketplaces dedicated to logs and the noticeable schemes recently used by threat actors to exploit the stolen data.

In the first of the two-part blog post on the Russian-speaking infostealer ecosystem, Sekoia.io analysts highlighted the main distribution channels used by cybercriminals to spread their infostealers to a large public. In this second part, we share our analysis of the phenomenon of large-scale data theft, notably focusing on “logs”, i.e. stolen data collected by the infostealers. Since both financially-motivated and State-nexus threat actors add infostealers to their malware toolset, Sekoia.io monitors and analyses in-depth this infostealer ecosystem to follow the trends.

This blog post aims at presenting the life cycle of logs, the cybercrime marketplaces dedicated to logs and the noticeable schemes recently used by threat actors to exploit the stolen data. It is based on the monitoring of threat actors’ activities on underground forums and Telegram channels, as well as open source reports.

Don’t Stop Here

More To Explore

favicon__1_ removebg-png

BE THE FIRST TO KNOW

Stay informed with the latest insights in our Infostealers weekly report.

Receive immediate notification if your email is involved in an infostealer infection.

No Spam, We Promise

favicon__1_ removebg-png

BE THE FIRST TO KNOW

Stay informed with the latest insights in our Infostealers weekly report.

Receive immediate notification if your email is involved in an infostealer infection.

No Spam, We Promise