重大アクティブトレンド
Critical Risk
95%
Info-Stealer Malware
Credential and session theft from browsers, wallets, and messaging apps.
#malware#infostealer#credentials
脅威の概要
Infostealers exfiltrate passwords, cookies, cryptocurrency wallets, and MFA session tokens—often sold on criminal marketplaces within hours of infection.
攻撃の挙動
- Browser credential database extraction
- Discord and Telegram session theft
- Cryptocurrency wallet harvesting
感染経路
- Fake game cheats and cracks
- Malicious browser extensions
- Loader-delivered payloads
症状と指標
- Account takeovers without phishing emails
- Missing crypto funds
- Friends reporting spam from your accounts
即時の緩和策
- Rotate all passwords from clean device
- Revoke OAuth sessions
- Move crypto to new wallets
削除ガイド
- Remove malicious extensions
- Clear infected browser profiles
- Full system scan and quarantine
予防方法
- Password manager with unique credentials
- Hardware MFA where supported
- Avoid cracked software
テレメトリ指標
- Access to Login Data SQLite files
- Telegram tdata folder reads
- Large outbound ZIP to unknown IPs
Session cookie theft can bypass MFA until sessions expire. Rotate credentials and invalidate active sessions after infection.