COMMSEC: Tracing the Intrusion: Unveiling the Covert Trails of Infostealer Malware Ecosystems


August 25, 2023




CommSec Track

This talk presents the extensive research done on Infostealer malwares which has emerged as a major threat in the field of Cybersecurity with over 160000 malicious videos posted on approximately 60000 compromised YouTube channels disseminating these malwares in a single month. These videos cumulatively had approximately 1 million views per week.

We will explore different types of infostealer malwares, their operation, and insights from monitored data sources and the malwares’ success on YouTube is attributed to complex, multi-step attack sequences and the scale of their operations. We will also look at organized groups known as Traffer Groups, which sustain their operations through a cyclical process of infection, exploitation, and reinfection.

In addition a notable case study will be presented to provide insights into execution, damage of a significant infostealer malware attack. We will also discuss defense strategies against infostealer malwares, including the use of Indicators of Compromise (IoCs) and innovative approaches like preventing users from saving passwords on browsers and implementing stricter session limits.

Threat Researcher


As a Threat Researcher at CloudSEK, I am deeply committed to automating threat intelligence and have a fervor for hunting emerging threats. My extensive research and practical experience have culminated in significant findings and the creation of multiple automation projects, benefitting both me and my peers in the cybersecurity field. My expertise, combined with an innate knack for investigation, firmly places me at the forefront of cybersecurity, with a dedicated focus on understanding and combating digital threats. Outside of my professional life, I am a passionate football enthusiast, both as a spectator and a player in the virtual realm of FIFA.