Life on a Crooked RedLine: Analyzing the Infamous InfoStealer’s Backend

Botconf 2023
2023-04-22 | 14:30 – 15:00

Alexandre Côté Cyr | Mathieu Lavoie

RedLine Stealer, first observed in 2020, is one of the most widely known infostealers. It operates on a Malware-as-a-Service (MaaS) model and is sold via forums and Telegram, where affiliates can buy an all-in-one control panel. This panel can generate stealer samples, act as the C&C (Command and Control) server for those samples, and manage the stolen information. Many affiliates then sell the collected logs on dedicated marketplaces and Telegram channels.

