June 2025 Infostealer Trend Report

SUMMARY :

This analysis provides insights into Infostealer malware trends observed in June 2025. The data, collected through various automated systems, reveals changes in distribution methods and malware types. While LummaC2 has been dominant, June saw increased activity from Rhadamanthys, ACRStealer, Vidar, and StealC. A new variant of ACRStealer emerged, using advanced techniques like HTTP host domain spoofing and anti-analysis methods. Distribution via crack disguises decreased, with 94.4% in EXE format and 5.6% using DLL-SideLoading. A unique malware type was observed, creating an uncontrollable window prompting browser updates. Some samples now hide compression passwords in image files, indicating evolving evasion tactics.

OPENCTI LABELS :

stealc,vidar,infostealer,seo poisoning,rhadamanthys,lummac2,acrstealer,dll-sideloading,anti-analysis techniques


Open in NetmanageIT OpenCTI Public Instance with below link!


Use public read only username and password on login page.

NOTE : Use Public READ only user credentials on login page banner.


June 2025 Infostealer Trend Report