#ESETThreatReport

2025-02-01

The threat landscape in H2 2024 was quite tumultuous when it comes to some of the most prominent infostealer threats. One of them, the notorious #RedLine Stealer, finally met its demise after being taken down by law enforcement in #OperationMagnus.

The power vacuum left by RedLine’s takedown will likely lead to a bump in the activity of other #MaaS infostealers – this was already reflected in a dramatic increase in detections for Lumma Stealer and Formbook.

In ESET telemetry data, Formbook replaced Agent Tesla as the No. 1 infostealer after its detections shot up by more than 200%. Despite operating since 2016, this MaaS threat is constantly under development, which explains why it is still used so frequently by cybercriminals.

Meanwhile, Lumma Stealer had a busy period: its numbers skyrocketed by almost 400% between H1 and H2 2024, it made for about 75% of cryptostealer detections, and even reared its ugly head in a campaign targeting players of Hamster Kombat 🐹⚔️, a mobile clicker game.

To read more about the upheaval in the infostealer threat landscape, head on over to the H2 2024 #ESETThreatReport: web-assets.esetstatic.com/wls/

#ESETresearch

Chart showing Formbook detection trends from 2021 - 2024, seven-day moving average.

Chart showing +369% growth of Lumma Stealer detections in CY 2024, seven day moving average.

2025-01-08

With cryptocurrencies reaching record values in H2 2024, cryptocurrency wallet data was one of the prime targets of cybercriminals. In ESET telemetry, this was reflected in a rise in #cryptostealer detections across multiple platforms, specifically Windows, macOS, Android.

The increase was most dramatic on macOS, where Password Stealing Ware targeting cryptocurrency wallets more than doubled. Windows #cryptostealers grew by 56%, and Android financial threats, targeting banking apps and wallets, grew by 20%.

Read more about threats targeting cryptocurrency wallets on various platforms in the latest #ESETThreatReport from #ESETresearch: web-assets.esetstatic.com/wls/

Cryptostealer detection trends in H2 2024, 7-day rolling average.

OSX/PSW.Agent trojan detection trend in H2 2024. 7 day moving average.
