Jul 6, 2026
C2 Hosts: 1
According to Rapid7, this malware collects and exfiltrates sensitive documents, credentials, wallets, and data from a broad range of applications, and aims to operate entirely in-memory to avoid file-based detection. Stolen data is then compressed, split into 10 MB chunks, and sent to a C2 server over unencrypted HTTP.
| Date | C2 Hosts |
|---|---|
| Jul 6, 2026 | 1 |