Inside the Information Stealer Ecosystem: From Compromise to Countermeasure

Olivier Bilodeau, Eric Clay

ShmooCon XX (Final) · Day 2 · Belay It

Information stealer malware represents a rapidly escalating and pervasive threat within the cybercrime landscape, often operating beneath the radar of mainstream security discourse that tends to focus on state-sponsored or high-profile ransomware attacks. This talk, delivered by Olivier Bilodeau and Eric Clay, provides a granular exploration of the info stealer ecosystem, dissecting its economic drivers, common infection vectors, and the sophisticated methods threat actors employ to monetize stolen data. The presentation moves beyond traditional credential theft, unveiling how these malicious tools pilfer a wide array of sensitive information, from session cookies capable of bypassing multi-factor authentication (MFA) to secrets stored in browser extensions and even personal documents.

AI review

This session provides a highly detailed and practical look into the current information stealer ecosystem, moving beyond surface-level discussions to reveal the intricate economy, common infection vectors, and the diverse range of data exfiltrated, including MFA extension secrets and "Google Master Cookies." The Redline/Meta takedown case study offers valuable insights into operational disruption. While the foundational explanation of info stealers might be basic for some, the talk quickly delves into original research and actionable defensive strategies, delivered by credible speakers with…
