Find notable cyber news and cases, enriched with sources, timelines, and signals.

StealC infostealer delivered via FileFix phishing

Malware Activity
First reported
Last updated
Happening score
H score 29
1 unique sources, 1 articles

Summary

Hide ▲

A FileFix phishing operation is now delivering StealC infostealer, increasing the risk of credential theft and broader data exposure on infected Windows devices. The infection chain uses a disguised PowerShell command, hidden payloads, and in-memory decryption to evade detection. The malware can steal browser, messaging, wallet, cloud, VPN, and gaming data, and it can also capture screenshots.

Related Happenings

Vidar infostealer market rise and distribution expansion

Malware Activity
H score30 First: 28.04.2026 22:07 Last: 28.04.2026 22:07 Sources 1

About this happening: **Vidar** remains a long-running **infostealer** threat, and **Aryaka** reported a fresh campaign in **recent weeks** that adds **new obfuscation techniques** and stronger **steal...

Atomic Stealer (AMOS) macOS ClickFix Script Editor activity

Malware Activity
H score30 First: 09.04.2026 14:20 Last: 09.04.2026 14:20 Sources 1

About this happening: A **macOS** malware campaign has shifted its **ClickFix** execution flow to **Script Editor**, helping **Atomic Stealer (AMOS)** avoid the usual **Terminal** warning path. The cha...

Venom Stealer MaaS continuous credential theft and exfiltration

Malware Activity
H score29 First: 01.04.2026 16:30 Last: 01.04.2026 16:30 Sources 1

About this happening: The **Venom Stealer** **malware-as-a-service** platform has been identified as a **credential-theft** threat that keeps exfiltrating data after infection, extending the window for...

Torg Grabber browser-extension theft activity

Malware Activity
H score36 First: 25.03.2026 20:32 Last: 25.03.2026 20:32 Sources 1

About this happening: The **Torg Grabber** infostealer is actively stealing data from **850 browser extensions**, including **728 cryptocurrency wallet extensions**, which raises the risk of account ta...

Vidar Stealer 2.0 fake game-cheat distribution

Malware Activity
H score29 First: 18.03.2026 13:15 Last: 18.03.2026 13:15 Sources 1

About this happening: The **Vidar Stealer 2.0** malware is being spread through **fake game-cheat repositories** and **Reddit lures**, putting players seeking cheats for major online games at risk of *...

Timeline

  1. 16.09.2025 15:00 2 articles · 9mo ago

    Acronis reports FileFix campaign delivering StealC

    Initial Disclosure

    Acronis reports a new FileFix social-engineering campaign that impersonates Meta account suspension warnings, uses a multi-language phishing page to push a disguised PowerShell command through File Explorer, and delivers StealC infostealer via a JPG hosted on Bitbucket that hides a second-stage PowerShell script and encrypted executables.

    Show sources