Stealers

A stealer is a type of Trojan, and its purpose is quite self-explanatory. The program is designed to steal important data. There are several ways to achieve that, but a stealer could employ keylogging for that as well. If that is the case, then the stealer in question could be classified as a keylogger, too.

The most general type of description for a stealer would be that of a program that collects information from the affected system. Most of the time, stealers gather such information as usernames and passwords and the system logon data. Keyloggers may steal even more sensitive information.

For instance, they could record banking logins and passwords and social security numbers whenever affected users use their keyboards to enter that data. And eventually, once the data is collected and logged, the stealer employs a stealthy connection to a remote server to send the collected information to its owner.

Password Stealers

Password stealers are probably one of the more common types of stealers nowadays because they quickly adapt to the current trends of keeping everything in your account (often on cloud service) rather than in a hard drive. The gaming industry has been affected by password stealers for years, and it is not hard to imagine why – gaming platforms have huge audiences that pay millions of dollars to play their games, and that automatically attracts hackers, too.

Therefore, to steal those lucrative accounts and their information, hackers use password stealers. In a sense, a password stealer is a modified banking Trojan. The main difference between the two is that banking Trojans intercept information that is being entered (practically keylogging it), whereas stealers sniff out and take away information that is already stored in the affected computer. The information could be saved in the default browser, its cookies, and other files that could contain sensitive information.

A good example of a password stealer is KPot. Hackers send this malicious program through spam e-mail attachments, and it employs various program vulnerabilities to download the actual payload onto the target system. Once the stealer is installed, it collects information about all programs installed on the computer and sends it over to its command-and-control server. From there, it is up to the malware owners to “tell” the infection what it is supposed to do.

Depending on how a stealer is configured, it can steal cookies, instant messaging program accounts, files from program folders, and so on. It is also rather hard to tell that the system has been infected with a stealer because these programs do not reveal themselves in any way.

Stealer Infection Prevention

To avoid stealer threats, one should bear in mind all the measures that should be employed to avoid regular Trojan infections, too. In order to protect individual accounts, users should consider enabling two-factor authentication (if the service is provided).  Avoiding suspicious websites and pirated software should also be a given because hackers know better than anyone else that people covet free stuff, so a lot of pirated software is often bundled with malware.

Finally, a reliable anti-malware tool can also increase the overall security levels. Since stealers and Trojans, in general, are “quiet” infections, regular system scans with powerful malware remediation tools should help users detect and remove potential threats early on.