StealC and Amadey: Breaking down infostealers and the cybercrime services that deliver them

Infostealers remain among the most pervasive cybercrime threats, silently harvesting passwords, cookies, and session tokens that enable enterprise breaches. StealC is a malware-as-a-service infostealer written in C++ that collects credentials from browsers, cryptocurrency wallets, messaging applications, email clients, and gaming platforms while functioning as a secondary loader. Amadey operates as a modular backdoor loader active since 2018, delivering downstream payloads including StealC, Lumma Stealer, and ransomware through various backdoor commands. Both operate on commodity rental models where stolen credentials flow through underground markets to access brokers who resell enterprise access. On June 24, 2026, Microsoft's Digital Crimes Unit coordinated with Europol to disrupt over 200 malicious command-and-control domains supporting these operations, using AI-assisted analysis tools including Microsoft Copilot for binary analysis and configuration extraction.

Pulse ID: 6a3bde31cd05f010063a2224
Pulse Link: https://otx.alienvault.com/pulse/6a3bde31cd05f010063a2224
Pulse Author: AlienVault
Created: 2026-06-24 13:40:01

Be advised, this data is unverified and should be considered preliminary. Always do further verification.

#Amadey #BackDoor #Browser #Cookies #CyberCrime #CyberSecurity #Email #InfoSec #InfoStealer #LummaStealer #Malware #MalwareAsAService #Microsoft #OTX #OpenThreatExchange #Password #Passwords #RAT #RansomWare #Stealc #Word #bot #cryptocurrency #AlienVault
