Club Benefits
You are now subscribed
Your newsletter sign-up was successful
Want to add more newsletters?
Daily (Mon-Sun)
Tom's Guide Daily
Sign up to get the latest updates on all of your favorite content! From cutting-edge tech news and the hottest streaming buzz to unbeatable deals on the best products and in-depth reviews, we’ve got you covered.
Weekly on Thursday
Tom's AI Guide
Be AI savvy with your weekly newsletter summing up all the biggest AI news you need to know. Plus, analysis from our AI editor and tips on how to use the latest AI tools!
Weekly on Friday
Tom's iGuide
Unlock the vast world of Apple news straight to your inbox. With coverage on everything from exciting product launches to essential software updates, this is your go-to source for the latest updates on all the best Apple content.
Weekly on Monday
Tom's Streaming Guide
Our weekly newsletter is expertly crafted to immerse you in the world of streaming. Stay updated on the latest releases and our top recommendations across your favorite streaming platforms.
Join the club
Get full access to premium articles, exclusive features and a growing list of member rewards.
A particularly insidious form of malware, an infostealer is a program that is designed to quietly infect a system and run discreetly in the background to secretly steal sensitive data like passwords or chat logs and send them back to hackers. A new malicious software, ACRStealer, identified by AhnLab Security Intelligence Center (ASEC) has been found to be infecting legitimate and trusted platforms such as Google Docs in order to infect users.
ASEC says that ACRStealer was first introduced in June 2024 but they expect to see a sharp rise in distribution as hackers successfully manage to use trusted platforms like Google Docs, Steam and telegra.ph to infect systems. Like other infostealers, ACRStealer will typically infect a system via a phishing email, a malicious attachment or a compromised website, but can also be disguised as an illegal program like cracks or keygens.
It uses a specific page of a legitimate web platform service – in this case Google or Steam – as an intermediary C2, instead of hardcoding the command-and-control address directly in the malware. In a method called Dead Drop Resolver (DDR), the attackers will encode the real C2 domain in Base64, then the malware will retrieve it and decode it for further malicious actions.
How to stay safe from infostealing malware
Because one of the main ways that infostealers are spread is through illegal software, make sure that you are only downloading software through legitimate websites and sources. Be cautious if anyone sends you a link to download software from any unknown or unexpected sources. Know the signs of phishing emails and attacks and how to avoid them, and never click on unexpected links or attachments.
Protect yourself and your system by making sure that your system has up to date antivirus software installed and running – some of the best antivirus software includes a rollback feature that can restore your system to a previous state if malware causes issues or instability. Use a VPN and multi-factor authentication whenever possible.
More from Tom's Guide
- Chase will start blocking Zelle payments to social media accounts to cut down on fraud
- Macs under attack from dangerous malware targeting digital wallets and Apple’s Notes app — how to stay safe
- Yes, you can use your browser's password manager – here’s how to do it safely
You must confirm your public display name before commenting
Please logout and then login again, you will then be prompted to enter your display name.
