Powerful MaaS On the Prowl for Credentials and Crypto Assets
Katz Stealer is a sophisticated infostealer marketed as Malware-as-a-Service (MaaS), launched in early 2025. It features robust credential and data theft capabilities, along with modern evasion and anti-analysis techniques. The stealer targets a wide range of personal and sensitive information, including passwords, cryptocurrency keys, and browser session data. Operated through a web-based management panel, Katz Stealer allows affiliates to generate custom payloads and manage stolen data. Its infection chain involves obfuscated JavaScript droppers, steganography, and process hollowing techniques. The malware focuses heavily on browser data theft and cryptocurrency wallet targeting, with the ability to bypass some browser security measures.
AI Analysis
Technical Summary
Katz Stealer is a sophisticated Malware-as-a-Service (MaaS) infostealer that emerged in early 2025, designed primarily to harvest credentials and cryptocurrency-related data. It operates via a web-based management panel that enables affiliates to create customized payloads and efficiently manage stolen data, indicating a scalable and user-friendly criminal infrastructure. The malware employs advanced infection techniques including obfuscated JavaScript droppers, steganography to hide malicious code within benign files, and process hollowing to evade detection by security solutions. Katz Stealer targets a broad spectrum of sensitive information, focusing heavily on browser data such as saved passwords, session cookies, and cryptocurrency wallet keys, enabling attackers to bypass some browser security mechanisms. Its evasion capabilities include anti-analysis and anti-detection methods, making it difficult for traditional endpoint security tools to identify and mitigate the threat. The malware leverages multiple MITRE ATT&CK techniques such as credential dumping (T1555), process injection (T1055), obfuscated files or information (T1027), and data exfiltration (T1041), highlighting its multi-faceted approach to compromise and data theft. Despite its sophistication, there are no known public exploits or patches associated with Katz Stealer, as it is primarily distributed through MaaS affiliates rather than exploiting software vulnerabilities directly. The medium severity rating reflects the balance between its potent data theft capabilities and the requirement for initial infection vectors, typically involving user interaction or social engineering.
Potential Impact
For European organizations, Katz Stealer poses significant risks, particularly to sectors and individuals involved in cryptocurrency transactions and digital asset management. The theft of credentials and browser session data can lead to unauthorized access to corporate and personal accounts, resulting in financial loss, data breaches, and reputational damage. The malware's ability to bypass browser security measures increases the likelihood of successful exfiltration of sensitive information. Organizations with employees who handle cryptocurrency or use browsers to access sensitive systems are especially vulnerable. Additionally, the MaaS model lowers the barrier for cybercriminals to deploy this malware, potentially increasing the volume and diversity of attacks across Europe. The impact extends beyond financial theft to potential secondary attacks such as account takeover, lateral movement within networks, and espionage. Given the widespread use of browsers and cryptocurrency wallets in Europe, the threat could disrupt business operations and erode trust in digital financial services.
Mitigation Recommendations
To mitigate Katz Stealer effectively, European organizations should implement a layered defense strategy tailored to the malware's specific tactics. First, enhance endpoint protection with advanced behavioral detection capable of identifying process hollowing and obfuscated scripts. Deploy browser security solutions that monitor and restrict unauthorized access to stored credentials and session data. Employ strict application control policies to prevent execution of unauthorized JavaScript droppers and scripts, including disabling or sandboxing macros and script execution where feasible. Implement network monitoring to detect unusual outbound data flows indicative of data exfiltration. Educate users on phishing and social engineering risks to reduce initial infection vectors. For organizations involved in cryptocurrency, use hardware wallets or multi-factor authentication to protect keys, and segregate crypto-related activities from general browsing. Regularly audit and update incident response plans to address MaaS threats, including rapid identification and containment of infected endpoints. Finally, collaborate with threat intelligence providers to stay informed about evolving Katz Stealer variants and tactics.
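One way to implement the recommendation to monitor access to stored credentials and session data, as an added example (not from the original report or any vendor): it flags processes other than an approved browser that read browser credential stores. The event schema, sample events, browser allowlist and install directories are assumptions; the store file names are the standard Chromium and Firefox ones.

```python
import json
import ntpath
from collections import defaultdict

# Well-known credential/session stores in Chromium-family and Firefox profiles.
STORE_NAMES = {"login data", "cookies", "local state", "web data",
               "logins.json", "key4.db", "cookies.sqlite"}
PROFILE_MARKERS = ("\\user data\\", "\\firefox\\profiles\\")

# Assumption: browsers approved in this environment and their install roots.
BROWSER_IMAGES = {"chrome.exe", "msedge.exe", "firefox.exe"}
TRUSTED_DIRS = ("c:\\program files\\", "c:\\program files (x86)\\")

# Constructed sample telemetry (hypothetical schema: host, pid, image, target).
SAMPLE_EVENTS = r"""
{"host":"ws-01","pid":4120,"image":"C:\\Program Files\\Google\\Chrome\\Application\\chrome.exe","target":"C:\\Users\\ana\\AppData\\Local\\Google\\Chrome\\User Data\\Default\\Login Data"}
{"host":"ws-01","pid":7788,"image":"C:\\Users\\ana\\AppData\\Local\\Temp\\updater.exe","target":"C:\\Users\\ana\\AppData\\Local\\Google\\Chrome\\User Data\\Default\\Login Data"}
{"host":"ws-01","pid":7788,"image":"C:\\Users\\ana\\AppData\\Local\\Temp\\updater.exe","target":"C:\\Users\\ana\\AppData\\Local\\Microsoft\\Edge\\User Data\\Default\\Network\\Cookies"}
{"host":"ws-01","pid":7788,"image":"C:\\Users\\ana\\AppData\\Local\\Temp\\updater.exe","target":"C:\\Users\\ana\\AppData\\Local\\Google\\Chrome\\User Data\\Local State"}
{"host":"ws-01","pid":7788,"image":"C:\\Users\\ana\\AppData\\Local\\Temp\\updater.exe","target":"C:\\Users\\ana\\AppData\\Local\\Google\\Chrome\\User Data\\Default\\Preferences"}
{"host":"ws-01","pid":5500,"image":"C:\\Users\\ana\\AppData\\Roaming\\chrome.exe","target":"C:\\Users\\ana\\AppData\\Roaming\\Mozilla\\Firefox\\Profiles\\abcd.default\\key4.db"}
truncated-record {"host":
"""

def is_store(path):
    """True if the path is a credential or session store inside a browser profile."""
    p = path.lower().replace("/", "\\")
    return any(m in p for m in PROFILE_MARKERS) and ntpath.basename(p) in STORE_NAMES

def is_trusted_browser(image):
    """An approved browser name counts only when it runs from a trusted install root."""
    p = image.lower().replace("/", "\\")
    return ntpath.basename(p) in BROWSER_IMAGES and p.startswith(TRUSTED_DIRS)

def find_suspicious_access(lines):
    """Group store reads by process and return one alert per offending process."""
    hits = defaultdict(set)
    for line in lines:
        try:
            ev = json.loads(line)
            key = (str(ev["host"]), int(ev["pid"]), str(ev["image"]))
            target = str(ev["target"])
        except (ValueError, KeyError, TypeError):
            continue  # blank, malformed or incomplete record
        if is_store(target) and not is_trusted_browser(key[2]):
            hits[key].add(target.lower())
    alerts = []
    for (host, pid, image), stores in hits.items():
        spoofed = ntpath.basename(image).lower() in BROWSER_IMAGES
        alerts.append({
            "host": host, "pid": pid, "image": image,
            "stores": sorted(stores),
            # One process reading several distinct stores suggests bulk harvesting.
            "severity": "high" if len(stores) >= 2 else "medium",
            "reason": ("browser name outside trusted directory" if spoofed
                       else "non-browser process"),
        })
    return alerts

if __name__ == "__main__":
    for alert in find_suspicious_access(SAMPLE_EVENTS.splitlines()):
        print(alert["severity"], alert["pid"], alert["reason"], len(alert["stores"]))
```

A name-and-path allowlist cannot see code injected into an allowlisted process, so this check complements rather than replaces the behavioral detection of process hollowing recommended above.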
Affected Countries
Germany, United Kingdom, France, Netherlands, Switzerland, Sweden
Indicators of Compromise
Technical Details
- Author: AlienVault
- TLP: white
- References: https://www.sentinelone.com/blog/katz-stealer-powerful-maas-on-the-prowl-for-credentials-and-crypto-assets/
- Adversary: null
- Pulse Id: 68795169d12d2d2919a05908
- Threat Score: null
Threat ID: 68795a0aa83201eaace8b7fe
Added to database: 7/17/2025, 8:16:10 PM
Last enriched: 7/17/2025, 8:31:38 PM
Last updated: 7/17/2025, 8:31:38 PM