White Intel Knowledge Center

Stealer Logs


Last updated 2 months ago

Information stealers are a type of malware designed to collect and extract data from infected devices, including saved passwords from web browsers. Victims can become infected through various means, including downloading cracked software, accessing files from untrusted websites, or using activator applications. These methods often bypass security measures, making devices vulnerable to malware that can stealthily extract sensitive data. The information extracted from infected devices is often purchased, accessed, and utilized by threat actors to compromise systems, steal money, or demand ransoms.

A typical information stealer log contains the following information:

  • Date of Infection

  • Device system information, which includes Hostname, IP, Working Path, Antiviruses

  • Files from the desktop of the infected device

  • Saved credentials from the infected devices' browsers
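As an added example (not White Intel's code or schema), the sketch below shows how a defender might triage one record carrying the fields listed above: it parses the system information and saved credentials, then reports which entries touch a monitored domain without copying the passwords. The `Key: value` layout, the sample record, and the function names are constructed assumptions; real stealer families each use their own file layout.

```python
import re
from urllib.parse import urlsplit

# Constructed sample; the "Key: value" layout is an assumption, not a real family's format.
SAMPLE_LOG = """\
Date: 2024-03-11 08:42:10
Hostname: DESKTOP-EXAMPLE1
IP: 203.0.113.25
Antiviruses: Windows Defender

URL: https://vpn.example.com/login
Login: j.doe
Password: constructed-secret-1

URL: https://shop.notexample.com/account
Login: jane.doe@example.com
Password: constructed-secret-2

URL: https://forum.example.org/
Login: jd_home
Password: constructed-secret-3
"""

def parse_log(text):
    """Return (system_info, credential_entries) from one record."""
    blocks = []
    for block in re.split(r"\n\s*\n", text.strip()):
        pairs = (line.partition(":") for line in block.splitlines())
        blocks.append({k.strip().lower(): v.strip() for k, sep, v in pairs if sep})
    return blocks[0], [b for b in blocks[1:] if "url" in b]

def in_scope(host, watched):
    """True if host is a watched domain or a subdomain of one (not a mere suffix)."""
    host = (host or "").lower().rstrip(".")
    return any(host == d or host.endswith("." + d) for d in watched)

def watchlist_hits(text, watched):
    """List exposed credentials tied to watched domains; passwords are never copied."""
    system, creds = parse_log(text)
    hits = []
    for c in creds:
        login = c.get("login", "")
        reasons = [name for name, host in (
            ("url", urlsplit(c["url"]).hostname),
            ("login", login.rpartition("@")[2] if "@" in login else ""),
        ) if in_scope(host, watched)]
        if reasons:
            hits.append({"hostname": system.get("hostname"), "infected": system.get("date"),
                         "url": c["url"], "login": login, "matched_on": reasons})
    return hits
```

Matching on both the URL host and the login's e-mail domain catches two different exposures: a credential for a corporate application, and a corporate identity reused on a third-party site.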

The following are among the most common information stealer variants in the wild:

  • Raccoon

  • Redline

  • Lumma

  • Vidar

  • Stealc

  • Monster

Despite the different variant names, they all offer similar data extraction services. The image below is an example of an information stealer log found on dark web resources.

White Intel Approach

White Intel continuously monitors dark web resources to detect, collect, and parse data, transforming it into actionable intelligence items.

Sample Information Stealer Logs