CYFIRMA’s latest threat report reveals the workings of PupkinStealer, a .NET-based information stealer designed to extract a focused set of sensitive data from victim systems. Targeting browser credentials, desktop files, Telegram and Discord sessions, and screenshots, the malware compresses all stolen content into a ZIP archive and exfiltrates it using the Telegram Bot API, making attribution and detection more challenging. Our report includes a full technical analysis, Indicators of Compromise (IoCs), MITRE ATT&CK mapping, and a custom YARA rule for detection.
Stay informed and enhance your defenses.
Link to the Research Report: https://www.cyfirma.com/research/pupkinstealer-a-net-based-info-stealer/