Noodlophile Stealer Evolves: Targeted Copyright Phishing Hits Enterprises with Social Media Footprints
ID: 44ecc7fe-3b8a-54ae-9738-dd838becdc38
STIX ID: report--44ecc7fe-3b8a-54ae-9738-dd838becdc38
Feed Name: Morphisec Blog
This analysis describes an active, targeted campaign that deploys the Noodlophile Stealer through highly personalized copyright-infringement spear-phishing emails. The emails lead victims to Dropbox/pastebin-style payloads and to signed, legitimate applications that are vulnerable to DLL side-loading. The stealer focuses on browser-based data (cookies, credentials), saved credit card data, and system/security information, and it uses Telegram-based staging and in-memory execution to evade detection. The analysis includes comprehensive IOCs and hashes for defenders.
