December 2025 Infostealer Trend Report

AhnLab ASEC's December 2025 Infostealer report details widespread distribution of information‑stealing malware via SEO‑poisoned crack/keygen pages and compromised WordPress sites, highlights prevalent delivery/execution techniques (EXE, DLL sideloading, and novel Python library injection), and documents Tor‑enabled cryptocurrency theft campaigns that hijack clipboards and exfiltrate BIP39 seed phrases; the report provides multiple MD5 hashes, C2 URLs/FQDNs, and directs readers to ATIP IOC services for blocking and further analysis.