Infostealer

RSS

Threat Research

MacOS

infostealer

clickfix

MacSync

Social engineering

Evil evolution: ClickFix and macOS infostealers

Across three recent campaigns, Sophos X-Ops notes shifts in both lures and malware capabilities, as threat actors leveraging ClickFix techniques increasingly target macOS users with infostealers

Threat Research

clickfix

Featured

GOLD FEATHER

human verification

infostealer

qilin

Ransomware

StealC

I am not a robot: ClickFix used to deploy StealC and Qilin

The fake human verification process led to infostealer and ransomware infections

Sophos Counter Threat Unit Research Team

Sophos Insights

digital identity

Featured

Identity Threat Detection and Response

Information Stealers

infostealer

Sophos ITDR

Infostealers: The silent doorway to identity attacks — and why proactive defense matters

Threat Intelligence Executive Report – Volume 2025, Number 6

Threat Research

EDR killer

infostealer

Ransomware

Threat Intelligence Executive Report – Volume 2025, Number 6

Threat Research

TamperedChef

EvilAI

infostealer

Sophos X-Ops

TamperedChef serves bad ads with infostealers as the main course

Threat Research

Astaroth

Brazil

Featured

Guildma

infostealer

worm

WhatsApp compromise leads to Astaroth deployment

Threat Intelligence Executive Report cover image for Volume 2025 Number 5

Threat Research

Featured

infostealer

MFA

multi-factor authentication

patching

Ransomware

Vulnerabilities

Threat Intelligence Executive Report – Volume 2025, Number 5

Closeup side view of a coyote hunting in grassland

Threat Research

Brazil

coyote

Featured

infostealer

Powershell

selenium

worm

WhatsApp Worm Targets Brazilian Banking Customers

A graphic showing a DNA strands and a microcope

Threat Research

AMOS

atomic stealer

infostealer

MacOS

Sophos X-Ops

Atomic macOS Stealer leads sensitive data theft on macOS