ObserverStealer

Observer Stealer is an infostealer from the 2023 Russian cybercrime market, from the same group as AMOS (macOS). Targeted data: Discord, Telegram, crypto wallets and browser passwords.

Threat Profile
Type: Infostealer
Programming Language: C++
C2 Protocol: HTTP/Telegram
First Seen: 2023
Targets: Global
Purpose / Capabilities
  • Credential Stealer
No C2 servers have been identified for this family yet.

Research Reports (1)

High

Observer Stealer -- 389KB, C2 Config Fragments, CreateMutexW, Certum TLS | High

Observer Stealer 389KB. C2 config fragments. CreateMutexW. Certum TLS certificate validation.
