Infostealer
Malware designed to silently harvest credentials, cookies, and sensitive data from infected devices.
Full Definition
An infostealer (or information stealer) is a category of malware specifically designed to harvest sensitive data from infected systems and transmit it back to a threat actor. Unlike ransomware or destructive malware, infostealers operate silently, prioritizing stealth over immediate impact to maximize the volume and value of data harvested.

Modern infostealers typically target browser-saved passwords, session cookies, cryptocurrency wallets, credit card details, autofill data, email credentials, VPN configurations, and files matching certain patterns. Leading infostealer families include Lumma, Redline, Raccoon, Vidar, and StealC.

Infected devices generate "stealer logs" (structured packages of harvested data), which are sold on dark web marketplaces. A single log can contain credentials for dozens of corporate and personal services. Infostealers have become the primary source of the leaked credentials that fuel credential stuffing and account takeover campaigns globally.
Related Terms
Stealer Log
A structured package of data harvested by infostealer malware from a single infected device.
Data & Leaks
Malware
Any software intentionally designed to cause harm, disrupt, or gain unauthorized access to systems.
Malware & Infrastructure
Account Takeover (ATO)
Unauthorized access to a user account by exploiting stolen credentials.
Attack Types
Command and Control (C2/C&C)
Infrastructure used by threat actors to remotely communicate with and control compromised systems.
Malware & Infrastructure