Information makes the world go round, and malicious actors treat it as gold. Personal data stored on your device is a prime target for these cybercriminals, and they can nick it by infecting your device with infostealer malware.
The main goal of an infostealer is, as it says on the tin, to steal your information. It can take anything from bank card information and account logins to private conversations and sensitive photos, which attackers can then use for identity theft, blackmail and purchases made with your account.
Infostealers are hugely profitable on dark web markets, as data stolen can contain valuable information on individuals and confidential company documents.
That makes everyone a target when it comes to infostealer malware. So, find out what an infostealer is and how to remove it from your device below.
What is infostealer malware?
Information-stealing malware, or infostealer, is a type of malware that gathers information on an infected device to send to a threat actor. It targets login credentials saved in browsers, browsing history, credit card and crypto wallet information, location data, device information, emails, social media platforms and instant messaging clients – anything valuable.
Stolen data is collected in logs and sent to the attacker. Account details and banking card information are the most sought after, as threat actors can use this information for themselves or sell it on dark web markets. Infostealer logs are hugely profitable in underground marketplaces, making them a popular form of malware.
The first sign of infostealers came about in 2007 when cybersecurity analysts detected a Trojan malware called ZeuS, or Zbot. This program aims to steal user credentials and banking information on Microsoft Windows devices to exploit individuals and organisations. It affected users around the globe, leading to the theft of billions of dollars due to its ease of installation and availability as a Malware-as-a-Service (MaaS).
From there, variants of infostealer malware became more widespread. This includes the infamous Raccoon infostealer, Vidar, Mars Stealer, BlackGuard and Redline Stealer. Recently, security researchers have seen them being used to steal ChatGPT accounts. This showcases the rise of malicious threat actors using infostealers to gain private data.
How does an infostealer infect devices?
Like most malware, including spyware or Trojans, infostealers are distributed through phishing emails, fake websites, dodgy ads on web pages, malicious downloads or attachments, apps and more. Because they can be hard to detect, it’s a good idea to set up the proper protection on your online accounts and devices.
Infostealers can be used in many ways, whether through Trojans, keyloggers or stalkerware. The malware can use keylogging to record what a user types on a device, web injection scripts that add fields on forms to sneakily send information to the attacker, and cookies to steal saved passwords.
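A defender-side check for the form-field injection described above, as an added example that is not part of the original article: it compares the fields found in a rendered form against a known baseline and reports any extras. The baseline field names and both HTML samples are constructed for illustration.

```python
from html.parser import HTMLParser

# Constructed baseline: the fields the site's real login form is known to serve.
EXPECTED_FIELDS = {"username", "password", "csrf_token"}


class FormFieldCollector(HTMLParser):
    """Collects the name and type of every input/select/textarea inside a <form>."""

    def __init__(self):
        super().__init__()
        self.in_form = False
        self.fields = []  # (name, type) tuples in document order

    def handle_starttag(self, tag, attrs):
        attrs = dict(attrs)
        if tag == "form":
            self.in_form = True
        elif self.in_form and tag in ("input", "select", "textarea"):
            # Fall back to the id, then a marker, so unnamed fields are still reported.
            name = attrs.get("name") or attrs.get("id") or "<unnamed>"
            self.fields.append((name, attrs.get("type", "text")))

    def handle_endtag(self, tag):
        if tag == "form":
            self.in_form = False


def find_injected_fields(rendered_html, expected=EXPECTED_FIELDS):
    """Return fields present in the rendered form but absent from the baseline."""
    collector = FormFieldCollector()
    collector.feed(rendered_html)
    return [(n, t) for n, t in collector.fields if n not in expected]


# Constructed sample: the form as the server sends it ...
SERVED = """<form action="/login" method="post">
<input name="username"><input name="password" type="password">
<input name="csrf_token" type="hidden" value="x"></form>"""

# ... and as it appears in a browser where extra fields were added client-side.
RENDERED = """<form action="/login" method="post">
<input name="username"><input name="password" type="password">
<input name="card_number"><input name="atm_pin" type="password">
<input name="csrf_token" type="hidden" value="x"></form>"""

if __name__ == "__main__":
    print("served  :", find_injected_fields(SERVED))
    print("rendered:", find_injected_fields(RENDERED))
```

A login form that suddenly asks for a card number or PIN it never asked for before is the visible symptom of this technique, and a reason to stop typing and scan the device.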
Because infostealers can be bought for a fee, even criminals with limited knowledge of software can use the malware. For example, according to cybersecurity website BlackBerry, Raccoon, also called Racealer, could be bought for around $75 per week or $200 per month as MaaS on dark web forums. It can be used to steal autofill passwords, browser cookies, history, and cryptocurrency wallet information and to obtain a user’s location.
How do you remove an infostealer?
A simple click can lead an unsuspecting user to download an infostealer. From email attachments to suspicious websites tricking users into clicking dangerous links, threat actors will do whatever they can to dupe their victims.
That’s why staying a few steps ahead is a good idea. Using antivirus software to perform security scans and protect your email will help keep infostealers at bay. For an in-depth look at how to detect and remove malware on iPhone and Android or Chrome, we’ve got you covered. You can also check out how to stop scam emails to keep your account safe.
- How to block scam email in Gmail
- How to block scam email in Outlook
- How to stop spam email in Yahoo Mail
Use antivirus software to protect your device
The best antivirus software can help detect and protect you from all types of malware, including infostealers.
Many antivirus products come with a suite of security features that can get rid of viruses, malware, ransomware, spyware or any other malicious software that burrows into your device or web browser. Some antivirus software, such as Bitdefender, offers security subscriptions specifically for devices such as a PC, iPhone or Android, making it a more cost-effective option.
Perform a safety check
1. On Google Chrome, click on the three vertical dots in the upper-right corner and select Settings.
2. Select Privacy and security in the right-hand toolbar.
3. Under Safety check, click Check now (or the arrow to perform it again).
If Chrome finds any issues, you’ll be able to tap on the option and follow the instructions to see how to handle it. For those who don’t want to give malware hiding on web pages any chances, you can also turn on Enhanced protection.
1. In Privacy and security, click on Safe Browsing under Safety Check (or Security under Privacy and security).
2. Select Enhanced protection to turn it on.