VERY IMPORTANT

Marco Stealer, discovered in June 2025, is an information stealer targeting browser data, cryptocurrency wallets, and sensitive files. It employs anti-analysis techniques, string encryption, and terminates security tools. The malware collects system information, exfiltrates browser data using embedded files, and extracts cryptocurrency wallet data from browser extensions. It also targets popular services and cloud storage. Marco Stealer uses AES-256 encryption for C2 communication over HTTP. Despite recent law enforcement actions against similar threats, information stealers continue to pose significant risks to corporate environments.