We have mentioned the KPOT Stealer as Trojan.PWS.Stealer recently when describing the Win32.Bolik.2 banking Trojan. If computer users that are infected by the KPOT Stealer want to know how this pest has entered their machines, the answer is that they should have downloaded a multimedia editing program, the VSDC program, which was infected by the Win32.Bolik.2 Trojan that had the KPOT Stealer bundled to its installation. The main function of the KPOT Stealer is to collect information from Microsoft accounts, programs, Web browsers and messaging services.
Luckily, it appears that not every computer infected by Win32.Bolik.2 will have the KPOT Stealer also installed. This is a positive aspect since the users infected by Win32.Bolik.2 may have time to remove it before it decides to use the KPOT Stealer on the victimized computer. Victims of the Win32.Bolik.2 and consequently with the KPOT Stealer should, as the first step, they should free their systems from these threats. Then, they should change their passwords for their online banking accounts, social media and other websites that can contain personal information and other private data. Since it is not easy to spot the KPOT Staler infection, they should use a professional anti-malware program to execute the cleaning part.