InfoStealers: The Silent Pickpockets of the Internet

Login credentials: Usernames, passwords, and other authentication details like session cookies for various online accounts. We’re now starting to see infostealers exfiltrate 2FA tokens and passkeys.

Financial information: Credit card numbers, bank account details, and other financial data stored in the browser.

Identity data: Social security numbers, addresses, phone numbers, and other forms of PII.

Spotting Social Engineering Attacks: Train staff to spot social engineering and use email security tools to defend against infostealers, often spread via phishing and malicious downloads.

Preventing Browser Synchronisation: This ensures that passwords to your corporate systems are not accessible through personal devices.

Utilising Advanced Identity Management and Access Control: These systems track behavior and react to suspicious activity by blocking or adding new verification methods.

Proactively Search for Logs: Proactively search infostealer markets and dark-web threat intelligence for company and employee logins, including hijacked accounts.

Incorporating Endpoint Detection and Response (EDR): EDR tools monitor for malware-based detection, quickly identifying new infostealer variants and stopping session-based detection bypass methods.

Leveraging Multi Factor Authentication: Though infostealers can bypass MFA via session cookies, MFA remains crucial. It acts as a failsafe, protecting data even if login credentials are compromised by an infostealer attempting a wider attack.