Derp.ca
← All malware

DeerStealer

According to Broadcom, DeerStealer is an information stealer written in Delphi and targeting devices running an windows operating system. The malware has hidden VNC capabilities for stealthy remote desktop control, collecting crypto wallets from USB sticks and over 800 browser extensions. It exfiltrates the stolen data in form of a ZIP archive to a botnet C2 server.

Last 7 days

Mar 2, 2026
C2 Hosts: 1

Further Reading

MalwareBazaar | DeerStealer

DeerStealer malware samples

bazaar.abuse.ch
DeerStealer malware spread via fake Google Authenticator websites

DeerStealer malware spread via fake Google Authenticator websites

broadcom.com
DeerStealer Malware Delivered Via Weaponized .LNK Using LOLBin Tools | Cryptika Cybersecurity
cryptika.com
Don't Get Caught in the Headlights - DeerStealer Analysis

Read more about how eSentire's Threat Response Unit (TRU) detected several attempts by threat actors to download and execute HijackLoader and how many of these attempts involved the attempted deplo...

esentire.com
Threat actor impersonates Google via fake ad for Authenticator

Only trust official sources they say, but what happens when a Google vetted ad is for a Google product?

malwarebytes.com