VERY IMPORTANT

This analysis examines Infostealer trends in August 2025, focusing on distribution volume, methods, and disguises. AhnLab's automated systems collect and analyze malware, providing real-time IOC services. Infostealers, often disguised as cracks, are distributed through SEO poisoning. Notable variants include LummaC2, ACRStealer, and Rhadamanthys. Distribution methods evolved from personal blogs to legitimate websites, bypassing search engine restrictions. Malware is primarily distributed as EXE files (89.7%) or through DLL-SideLoading (10.3%). Two significant trends emerged: mass distribution via Slack Marketplace and ACRStealer's domain masquerading technique, which now targets security company domains to evade detection.