January 2026 Infostealer Trend Report
ID: bf89fd9b-0881-517e-9350-01888d9d1641
STIX ID: report--bf89fd9b-0881-517e-9350-01888d9d1641
Feed Name: ASEC
AhnLab's January 2026 ATIP report documents active distribution of Infostealer families (LummaC2, Vidar, ACRStealer, MacSync) spread via SEO-poisoned crack/keygen pages and legitimate sites, using EXE and DLL sideloading on Windows and terminal-based installers on macOS. It notes ACRStealer's upgrade to ECDH + ChaCha20-Poly1305 for encrypted C2, provides hashes, domains and IPs, and recommends the ATIP IOC service for blocking.
