win.svcstealer

SVCStealer


According to Broadcom, SVCStealer is an information stealer written in C++ that targets devices running a Windows operating system. It collects sensitive information from the infected device, such as system information, credentials, cryptocurrency wallets, data stored in browsers, screenshots, and data from messaging applications such as Telegram or from VPN apps. The collected information is compressed into a .zip archive and exfiltrated to botnet C2 servers.

References
2025-12-25 ⋅ abuse.ch ⋅ abuse.ch
MalwareBazaar | SVCStealer
SVCStealer
2025-03-24 ⋅ Rewterz Information Security ⋅ Rewterz Information Security
SvcStealer Malware Targeting Users to Extract Sensitive Data from Browsers and Applications – Active IOCs
SVCStealer
2025-03-24 ⋅ Broadcom ⋅ Broadcom
SVCStealer malware
SVCStealer
2025-03-21 ⋅ Seqrite ⋅ Manoj Neelamegam
SVC New Stealer on the Horizon
SVCStealer

There is no Yara-Signature yet.