1. Forum
  2. tqwNet
  3. TQW GENTECH

  • Malware control panels could give experts the tools they need to

    From TechnologyDaily@1337:1/100 to All on Mon Jan 19 15:45:09 2026
    Malware control panels could give experts the tools they need to spy on hackers

    Date:
    Mon, 19 Jan 2026 15:30:00 +0000

    Description:
    StealC's web-based control panel exposed - what did the researchers learn?

    FULL STORY ======================================================================CyberArk
    exploited StealCs control panel via source leak and XSS flaw Researchers exposed attacker YouTubeTA, who stole 390,000 passwords and 30M cookies Findings may disrupt StealC operations by attracting further scrutiny and attacks

    Cybersecurity researchers have managed to break into the web-based control panel for the StealC infostealer and gain valuable information on how the malware operates, and who both the attackers and the victims are.

    StealC is an immensely popular infostealer malware which first emerged a couple of years ago, and has since become one of the staples of the cybercriminal community.

    It can collect and exfiltrate sensitive data such as web browser credentials, cookies, system information, messaging app and email data, as well as cryptocurrency wallet details, and it offers different features such as modular targeting, stealthy execution, and flexible command-and-control communications. Doxxing victims

    Security researchers from CyberArk found two ways to access the control
    panel; through a source code leak that happened around April 2025, and
    through a cross-site scripting (XSS) vulnerability they discovered.

    By exploiting the vulnerability, we were able to identify characteristics of the threat actors computers, including general location indicators and computer hardware details, the researchers said. Additionally, we were able
    to retrieve active session cookies, which allowed us to gain control of sessions from our own machines.

    The report details one threat actor, dubbed YouTubeTA, who used stolen credentials to log into legitimate YouTube channels and plant links for the malware. The campaign brought YouTubeTA more than 5,000 victim logs, 390,000 passwords, and 30 million cookies.

    CyberArk discovered that the attacker used an Apple M3-based device, with English and Russian language settings. The time zone was set to Eastern Europe, and on at least one occasion, they logged in from Ukraine. Usually, cybercriminals would only log in through a VPN to cover their tracks, but
    this threat actor forgot to do that once, revealing their IP address, which
    is linked to the Ukrainian ISP TRK Cable TV.

    By releasing this news, CyberArk hopes StealC will also be targeted by other players, both benign and malicious, thus disrupting the entire operation.

    Via BleepingComputer

    Follow TechRadar on Google News and add us as a preferred source to get our expert news, reviews, and opinion in your feeds. Make sure to click the
    Follow button!

    And of course you can also follow TechRadar on TikTok for news, reviews, unboxings in video form, and get regular updates from us on WhatsApp too.



    ======================================================================
    Link to news story: https://www.techradar.com/pro/security/malware-control-panels-could-give-exper ts-the-tools-they-need-to-spy-on-hackers


    --- Mystic BBS v1.12 A49 (Linux/64)
    * Origin: tqwNet Technology News (1337:1/100)