Gremlin Stealer: New Stealer on Sale in Underground Forum
Summary
Researchers have discovered a new information-stealing malware, which they’ve called Gremlin Stealer, written in C#.
It exfiltrates data from victims’ computers, taking information from browsers, the clipboard, and the local disk.
This stolen information includes credit card details, crypto wallet info, FTP and VPN credentials, and browser cookies.
The malware has been advertised in a Telegram group since March 2025, and its authors claim to have uploaded vast amounts of data from victims to a website at 207.244.199.46.
Palo Alto Networks offers a range of products to protect users from Gremlin Stealer, including Network Security and the Cortex line.