Skip to main content
Press slash or control plus K to focus the search. Use the arrow keys to navigate results and press enter to open a threat.
Reconnecting to live updates…

June 2026 Infostealer Trend Report

0
Medium
Published: 07/15/2026 (07/15/2026, 11:58:14 UTC)
Source: AlienVault OTX General

Description

During June 2026, multiple infostealer families including Remus, ACRStealer, LummaC2, and Vidar were distributed through SEO poisoning techniques, disguised as illegal software such as cracks and keygens. Attacks utilized EXE files (84.5%) and DLL side-loading (15.5%) methods, with distribution primarily through Mediafire, Mega, and cloud storage platforms. Microsoft Corporation was the most frequently impersonated entity. MacOS environments were targeted through ClickFix techniques and malicious Bash scripts, with one variant dynamically obtaining C2 addresses via Polygon smart contracts. Email-based campaigns distributed AgentTesla and DarkCloud through compressed attachments, with both variants exfiltrating data via SMTP. The stolen credentials pose significant risks for dark web trading and secondary attacks.

Technical Details

Author
AlienVault
Tlp
white
References
["https://asec.ahnlab.com/en/94486/"]
Adversary
null
Pulse Id
6a5775d6071af081378a0eb9
Threat Score
null

Indicators of Compromise

Hash

ValueDescriptionCopy
hashd15248555e7a2d9c279d219e6587a74fca9c25720194512a2e4b0757f7a63219
hash02c7d78e6c5816f1df250f995a776aa2
hash03663f2f81da94cd204837e4bde772ff
hash03e99ceede013fe1b50a0e06c1f0a02c
hash042db31ea5443d78aeee714556813a28
hash04d91c168c7617c38199983858cfbb4e
hashc8c80cde1ae90d6a594980e117977437de97ebb1
hashdbe028a59ffe936bce9acb56e9c2db93ef6f84fe
hashac14d191300c2d3aa9f57829b895b7720be1ef3563bace25de731002d52577f7

Domain

ValueDescriptionCopy
domainapdhlhs3.xyz
domainbduwih8.pro
domainjohncon.my

Threat ID: 6a58000568715ace438b184a

Added to database: 07/15/2026, 21:47:49 UTC

Last updated: 07/15/2026, 21:47:49 UTC

Views: 1

Community Reviews

0 reviews

Crowdsource mitigation strategies, share intel context, and vote on the most helpful responses. Sign in to add your voice and help keep defenders ahead.

Sort by
Loading community insights…

Want to contribute mitigation steps or threat intel context? Sign in or create an account to join the community discussion.

Actions

Please log in to the Console to use AI analysis features.

External Links

Need more coverage?

Upgrade to Pro Console for AI refresh and higher limits.

For incident response and remediation, OffSeq services can help resolve threats faster.

Latest Threats

Breach by OffSeqOFFSEQFRIENDS — 25% OFF

Check if your credentials are on the dark web

Instant breach scanning across billions of leaked records. Free tier available.

Scan now
OffSeq TrainingCredly Certified

Lead Pen Test Professional

Technical5-day eLearningPECB Accredited
View courses