Included among the emergent info stealers is Titan, a Go-based stealer with the capability to exfiltrate data from 20 different web browsers, which has amassed more than 600 subscribers on its Telegram channel since its initial appearance in November, a KELA report showed. Operators of Titan have also been continuously updating the stealer, with the latest version released in March and an upcoming version teased the following month.
On the other hand, more than 70 browsers, two-factor authentication extensions, and cryptocurrency wallets are being targeted by the LummaC2 stealer, which has been sold via RussianMarket in February after being rebooted on Telegram in January.
More threat actors have also been using the Stealc stealer that features automated exfiltration for 75 plugins, 25 desktop wallets, and 22 web browsers, while the WhiteSnake stealer for Windows and Linux systems has gained more than 750 Telegram subscribers. Such stealers have been gaining traction due to competitive pricing, ensuring the continued popularity of malware-as-a-service operations, said KELA researchers.