AuTo Stealer

Malware Profile Updated 24 days ago
Download STIX
Preview STIX
AuTo Stealer is a malicious software (malware) developed in C++ and has been utilized by the Pakistani threat actor SideCopy since December 2021. The primary targets of this malware are government agencies and personnel located in India and Afghanistan. The deployment strategy involves the use of romantic lures, which have proven to be an effective means of tricking unsuspecting victims into downloading and executing the malware. The primary functionality of AuTo Stealer is information theft. It is specifically designed to gather and exfiltrate a wide range of data types, including Microsoft Office files, PDF documents, database and text files, and images. This stolen information is then transmitted over HTTP or TCP, making it a potent tool for cyber espionage and data theft. SafeBreach has been actively monitoring and documenting the activities of AuTo Stealer. Their coverage provides critical insights into the operation of this malware and its associated threat actor. By understanding its methods and tactics, cybersecurity professionals can develop more effective defenses against this type of threat. SafeBreach's research contributes significantly to the ongoing efforts to protect sensitive data and systems from such malicious attacks.
Possible Aliases / Cluster overlaps
It's hard to track cluster overlaps and naming conventions between vendors, so here are some possible overlapping names / profiles you also may want to look at.
IDVotesProfile Description
Miscellaneous Associations
Other elements of context that could aid in the identification of relevance
Associated Malware
To see the evidence that has resulted in this association, create a free account
IDTypeVotesProfile Description
No associations to display
Associated Threat Actors
To see the evidence that has resulted in this association, create a free account
IDTypeVotesProfile Description
No associations to display
Associated Vulnerabilities
To see the evidence that has resulted in this association, create a free account
IDTypeVotesProfile Description
No associations to display
Source Document References
Information about the AuTo Stealer Malware was read from the documents corpus below. This display is limited to 20 results, create a free account to see more
SourceCreatedAtTitle
CERT-EU
a year ago
Pakistan-Origin SideCopy Linked to New Cyberattack on India's Ministry of Defence
CERT-EU
a year ago
Hacker’s Playbook Threat Coverage Roundup: April 25, 2023 | #ransomware | #cybercrime – National Cyber Security Consulting
CERT-EU
a year ago
SideCopy маскируется под презентацию о ракете К-4 - Индийская оборона под угрозой