Katz Stealer is a sophisticated infostealer marketed as Malware-as-a-Service (MaaS), launched in early 2025. It features robust credential and data theft capabilities, along with modern evasion and anti-analysis techniques. The stealer targets a wide range of personal and sensitive information, including passwords, cryptocurrency keys, and browser session data. Operated through a web-based management panel, Katz Stealer allows affiliates to generate custom payloads and manage stolen data. Its infection chain involves obfuscated JavaScript droppers, steganography, and process hollowing techniques. The malware focuses heavily on browser data theft and cryptocurrency wallet targeting, with the ability to bypass some browser security measures.

Author: AlienVault

Related Tags:
Katz Stealer
T1553.002
evasion techniques
T1027.001
T1548.002
T1573.002
T1573.001
T1070.004
data exfiltration
Associated Indicators: