Articles | InfoStealers

• One Million Devices Infected: Hackers Use Malvertising and GitHub to Spread Infostealers March 13, 2025
  In early December 2024, Microsoft Threat Intelligence detected a large-scale malvertising campaign that impacted nearly one million devices globally in an opportunistic attack to steal information. The attack originated from illegal streaming websites embedded with malvertising redirectors, leading to an intermediary website where the user was then redirected to GitHub and two other platforms. The […]
• Microsoft Research Reveals – Phishing Campaign Impersonates Booking(.)com, Delivers a Suite of Credential-Stealing Malware March 13, 2025
  Starting in December 2024, leading up to some of the busiest travel days, Microsoft Threat Intelligence identified a phishing campaign that impersonates online travel agency Booking.com and targets organizations in the hospitality industry. The campaign uses a social engineering technique called ClickFix to deliver multiple credential-stealing malware in order to conduct financial fraud and theft. […]
• AI’s Role in Turning Massive Data Leaks into Hacker Paydays: A Look at the Orange Breach March 4, 2025
  By [Alon Gal] | March 2025 Breaches like Orange, Schneider Electric, and Telefonica often start with a simple infostealer stealing JIRA or Confluence credentials. From there, it’s a straight shot to pulling heaps of data from internal servers. Companies tend to downplay these leaks—“no big deal, just some files”—while the data floats around cybercrime circles, waiting […]
• One in Four Cyberattacks in 2024 Traced to Infostealers, Huntress Reports March 3, 2025
  By [Alon Gal] | March 2025 At Infostealers.com, we’ve been sounding the alarm on the infostealer epidemic for years, uncovering how these malware families—like Vidar, Lumma, RedLine, and Raccoon—silently harvest credentials and pave the way for devastating breaches. Backed by Hudson Rock’s threat intelligence, we’ve tracked countless corporate compromises stemming from infected devices. Now, the “2025 […]
• ALIEN TXTBASE Data Leak: A Deep Analysis of the 284M Accounts Breach Added by HaveIbeenPwned February 26, 2025
  In recent days, the cybersecurity community has been alarmed by the emergence of a massive data leak known as ALIEN TXTBASE, which was recently indexed on Have I Been Pwned (HIBP). This breach, reportedly containing over 23 billion records, was published on a Telegram channel and claimed to be a collection of Stealer Logs—credentials stolen from malware-infected devices. Our […]
• Hudson Rock Drops BlackBastaGPT: Built from 1M Internal Messages Leaked from Black Basta Ransomware Group February 21, 2025
  We scrambled to launch BlackBastaGPT super fast after the latest Black Basta leak hit to get you immediate value. Find it here – www.hudsonrock.com/blackbastagpt This AI chatbot is for threat intelligence researchers, letting you dive into Black Basta’s internal chats to unpack their ops, tactics, cash flow, and humor. It’s raw, real, and pulls straight […]
• Infostealing Malware Infections in the U.S. Military & Defense Sector: A Cybersecurity Disaster in the Making February 17, 2025
  By [Alon Gal] | February 2025 Introduction: When National Security Gets Compromised for $10 For years, the U.S. military and its defense contractors have been considered the gold standard of security — equipped with multi-billion-dollar budgets, classified intelligence networks, and the world’s most advanced cybersecurity measures. Yet, Global Infostealing Malware Data from Hudson Rock reveals an unsettling reality: […]
• Hudson Rock’s Cybercrime and Threat Intelligence Researcher, Leonid Rozenberg, Shares Insights About Infostealers and Security February 5, 2025
  Hudson Rock has been the go-to source for all things cybersecurity and infosec updates. Be it offering dark web intelligence or finding one’s own data on breach forums, Hudson Rock has been a torch bearer, bringing the latest updates to people. TechNadu reached out to the company to know how they work, what powers them, […]
• CAPTCHA Chaos: From X Threads to Telegram January 28, 2025
  Cybercriminals are continuously evolving their tactics to exploit human behavior and trust. In one of the latest campaigns, attackers have weaponized fake CAPTCHA verification systems—tools typically used to verify a user’s legitimacy—to deliver malicious payloads. Introduction This campaign demonstrates an evolution from basic fake URL-based CAPTCHAs, seen in previous attacks, to a more sophisticated Telegram-based […]