Top Rising Stealer of Q1 2022: BlackGuard Stealer
Executive Summary
- BlackGuard Stealer, which collects and exfiltrates credentials and device information from infected PCs, first appeared in January 2022, when the official seller posted a promotional article on a dark web forum.
- BlackGuard Stealer collects and exfiltrates not only credentials such as browser user data, local files, crypto wallets, VPN accounts, Steam accounts, Discord tokens, FileZilla data, and Telegram session data, but also device information such as OS version, system information, IPv4 address, country, and a screenshot from the infected PC.
- The collected information is stored in a temporarily created folder. After collection, the folder is compressed into a *.zip file and exfiltrated through the Telegram API.
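
A detection example for the behavior in the last bullet, added here and not taken from the S2W report: it flags a process that writes a .zip archive and then contacts the Telegram API shortly afterwards. The event schema, the sample events, the 5-minute window and matching on `api.telegram.org` are assumptions.

```python
from datetime import datetime, timedelta

# Assumption: api.telegram.org is the Telegram API host seen in your DNS/proxy logs.
TELEGRAM_API_HOSTS = {"api.telegram.org"}
WINDOW = timedelta(minutes=5)  # assumed correlation window; tune per environment

# Constructed sample events in a hypothetical EDR-style schema (not real telemetry).
SAMPLE_EVENTS = [
    {"ts": "2022-03-01T10:00:01", "host": "pc-01", "pid": 4120, "type": "file_create",
     "path": r"C:\Users\a\AppData\Local\Temp\ab12\data.zip"},
    {"ts": "2022-03-01T10:00:09", "host": "pc-01", "pid": 4120, "type": "net_connect",
     "dest": "api.telegram.org"},
    # Archive written, Telegram API contacted much later: outside the window.
    {"ts": "2022-03-01T10:00:00", "host": "pc-02", "pid": 900, "type": "file_create",
     "path": r"C:\Users\b\Documents\backup.zip"},
    {"ts": "2022-03-01T10:30:00", "host": "pc-02", "pid": 900, "type": "net_connect",
     "dest": "api.telegram.org"},
    # Telegram API contact with no archive written by the same process.
    {"ts": "2022-03-01T10:01:00", "host": "pc-03", "pid": 77, "type": "net_connect",
     "dest": "api.telegram.org"},
    # Same pid as the pc-01 process but on another host: must not be correlated.
    {"ts": "2022-03-01T10:00:05", "host": "pc-04", "pid": 4120, "type": "net_connect",
     "dest": "api.telegram.org"},
]


def find_zip_then_telegram(events, window=WINDOW):
    """Alert when a process writes a .zip and then reaches the Telegram API within `window`."""
    last_zip = {}  # (host, pid) -> (timestamp, path) of the most recent archive written
    alerts = []
    for ev in sorted(events, key=lambda e: e["ts"]):
        key = (ev["host"], ev["pid"])
        ts = datetime.fromisoformat(ev["ts"])
        if ev["type"] == "file_create" and ev["path"].lower().endswith(".zip"):
            last_zip[key] = (ts, ev["path"])
        elif ev["type"] == "net_connect" and ev["dest"].lower().rstrip(".") in TELEGRAM_API_HOSTS:
            seen = last_zip.get(key)
            if seen and ts - seen[0] <= window:
                alerts.append({"host": ev["host"], "pid": ev["pid"], "archive": seen[1],
                               "dest": ev["dest"], "delay_s": (ts - seen[0]).total_seconds()})
                del last_zip[key]  # one alert per archive
    return alerts


if __name__ == "__main__":
    for alert in find_zip_then_telegram(SAMPLE_EVENTS):
        print(alert)
```
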
👉 You can read the full report on the S2W Blog: