logo

StealC and Amadey: Breaking down infostealers and the cybercrime services that deliver them

ID: f03a366d-f109-597e-848a-60088e76843b

STIX ID: report--f03a366d-f109-597e-848a-60088e76843b

Feed Name: Microsoft Security

Threat Score
78/100

Date Published: 2026-06-24

Date Updated: 2026-06-24

Author: Microsoft Threat Intelligence, Microsoft Defender Security Research Team and Microsoft Digital Crimes Unit

...
...

Microsoft threat intelligence describes StealC (an infostealer MaaS) and Amadey (a modular MaaS loader), detailing how they harvest browser and application credentials, exfiltrate data to C2, enable downstream access brokers and ransomware actors, and are delivered via deceptive downloads, loaders, and other scalable techniques; the blog also documents a coordinated takedown of over 200 domains/IPs, provides technical indicators (hashes, C2 URLs), TTPs, and mitigation guidance for defenders.

Your team is not currently subscribed to this feed. You must subscribe to it in order to see this post.