For US$100, threat actors can use RedLine Stealer to steal sensitive information, including saved credentials, bank details, and system data.
A CloudSEK technical analysis [1] of the threat inspired us to investigate over 900 publicly available RedLine Stealer IoCs. Our key findings include:
- 1,700+ artifacts connected to the threat IoCs through shared WHOIS details and string usage
- 700+ connected properties resolving to the IP addresses tagged as IoCs
- 92% of the IoCs still resolved to IP addresses
- Some artifacts targeting banks, a decentralized finance (DeFi) platform, and a courier were malicious
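The three enrichment steps behind findings like these (checking whether each IoC domain still resolves, pivoting from the tagged IP addresses to other domains hosted on them, and linking domains through shared WHOIS fields) are shown below as an added Python example. It is not code from the original report or from CloudSEK; the IoC domains, IP addresses and WHOIS records are constructed placeholders embedded inline, and a plain dictionary stands in for a resolver or passive-DNS source so the script runs offline.

```python
"""Offline sketch of IoC expansion for a stealer campaign.

All domains, IPs and WHOIS values below are constructed placeholders
(documentation ranges and .example names), not real indicators.
"""
from __future__ import annotations

from dataclasses import dataclass


@dataclass(frozen=True)
class WhoisRecord:
    domain: str
    registrant_email: str
    name_server: str


# Constructed IoC list (stand-in for the published RedLine indicators).
IOC_DOMAINS = [
    "ioc-alpha.example",
    "ioc-beta.example",
    "ioc-gamma.example",
    "ioc-delta.example",
]

# Constructed resolver / passive-DNS data: domain -> IPs (empty = no longer resolves).
DNS: dict[str, list[str]] = {
    "ioc-alpha.example": ["203.0.113.10"],
    "ioc-beta.example": ["203.0.113.10"],
    "ioc-gamma.example": ["198.51.100.7"],
    "ioc-delta.example": [],                 # dead indicator
    "artifact-a.example": ["203.0.113.10"],  # co-hosted with two IoCs
    "benign.example": ["192.0.2.50"],        # unrelated site
}

# Constructed WHOIS records for the IoCs and the surrounding domains.
WHOIS = [
    WhoisRecord("ioc-alpha.example", "reg1@mail.example", "ns1.host.example"),
    WhoisRecord("ioc-beta.example", "reg1@mail.example", "ns2.host.example"),
    WhoisRecord("ioc-gamma.example", "reg2@mail.example", "ns9.other.example"),
    WhoisRecord("ioc-delta.example", "reg3@mail.example", "ns9.other.example"),
    WhoisRecord("artifact-a.example", "reg1@mail.example", "ns1.host.example"),
    WhoisRecord("artifact-b.example", "reg4@mail.example", "ns9.other.example"),
    WhoisRecord("benign.example", "hello@benign.example", "ns1.benign.example"),
]


def resolution_rate(iocs: list[str], dns: dict[str, list[str]]) -> float:
    """Fraction of IoC domains that still resolve to at least one IP."""
    resolved = [d for d in iocs if dns.get(d)]
    return len(resolved) / len(iocs)


def tagged_ips(iocs: list[str], dns: dict[str, list[str]]) -> set[str]:
    """IP addresses the IoC domains currently resolve to."""
    return {ip for d in iocs for ip in dns.get(d, [])}


def ip_connected(iocs: list[str], dns: dict[str, list[str]]) -> set[str]:
    """Non-IoC domains that resolve to an IP tagged via an IoC domain."""
    ips = tagged_ips(iocs, dns)
    ioc_set = set(iocs)
    return {d for d, addrs in dns.items() if d not in ioc_set and ips.intersection(addrs)}


def whois_connected(iocs: list[str], whois: list[WhoisRecord]) -> dict[str, set[str]]:
    """Non-IoC domains sharing a registrant email or name server with an IoC.

    Result is keyed by the shared value so an analyst can see *why* a
    domain was pulled in before treating it as suspicious.
    """
    ioc_set = set(iocs)
    ioc_emails = {r.registrant_email for r in whois if r.domain in ioc_set}
    ioc_ns = {r.name_server for r in whois if r.domain in ioc_set}
    links: dict[str, set[str]] = {}
    for rec in whois:
        if rec.domain in ioc_set:
            continue
        if rec.registrant_email in ioc_emails:
            links.setdefault(rec.registrant_email, set()).add(rec.domain)
        if rec.name_server in ioc_ns:
            links.setdefault(rec.name_server, set()).add(rec.domain)
    return links


def summarize(iocs: list[str], dns: dict[str, list[str]], whois: list[WhoisRecord]) -> dict:
    """Headline numbers in the same shape as a findings list."""
    by_whois = set().union(*whois_connected(iocs, whois).values()) if whois else set()
    return {
        "iocs": len(iocs),
        "still_resolving_pct": round(100 * resolution_rate(iocs, dns)),
        "ip_connected": sorted(ip_connected(iocs, dns)),
        "whois_connected": sorted(by_whois),
    }


if __name__ == "__main__":
    for key, value in summarize(IOC_DOMAINS, DNS, WHOIS).items():
        print(f"{key}: {value}")
```

Each pivot step is kept separate so a connection can be traced back to its evidence; a shared name server at a large hosting provider or a privacy-redacted registrant email links thousands of unrelated domains, so the WHOIS keys returned by `whois_connected` should be reviewed before any connected domain is blocked.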
Get access to our findings and uncover more on your own. Download the report now.
—
- [1] https://www.cloudsek.com/technical-analysis-of-the-redline-stealer/