win.deerstealer

DeerStealer


According to Broadcom, DeerStealer is an information stealer written in Delphi that targets devices running a Windows operating system. The malware has hidden VNC capabilities for stealthy remote desktop control and collects crypto wallets from USB sticks and over 800 browser extensions. It exfiltrates the stolen data in the form of a ZIP archive to a botnet C2 server.

References
2025-12-25, abuse.ch, abuse.ch: MalwareBazaar | DeerStealer
2025-07-22, Cryptika cybersecurity, Cryptika cybersecurity: DeerStealer Malware Delivered Via Weaponized .LNK Using LOLBin Tools
2025-06-12, eSentire, eSentire Threat Response Unit (TRU): Don't Get Caught in the Headlights - DeerStealer Analysis
2024-07-31, Broadcom, Broadcom: DeerStealer malware spread via fake Google Authenticator websites
2024-07-30, eSentire, Jérôme Segura: Threat actor impersonates Google via fake ad for Authenticator

There is no Yara-Signature yet.