Braodo Info Stealer Targeting Vietnam and Abroad
Essential information
- Published
- 15/07/2024 10:42
- Modified
- 15/07/2024 10:54
- Tags
- 2024-07-15 braodo stealer exfiltration obfuscation stealer telegram vietnam
- Related entities
- 14 observables, 10 techniques (mitre), 1 malware, 6 others
Description
CYFIRMA discovered Braodo Stealer, a Python-based malware active since early 2024, primarily targeting users in Vietnam but also present in the US, Czechia, Germany, Netherlands, Singapore, and the UK. This malware utilizes GitHub and a Singapore-based VPS server to host and distribute its malicious code. It exfiltrates internet browser data, including credentials from various platforms and accounts, via Telegram bots. Developed by threat actors based in Vietnam, Braodo Stealer operates stealthily, collecting and archiving data before sending it to the bots.