Infostealer

Malware that harvests credentials, cookies, crypto wallets and autofill data from an infected host, often sold as a service.

An infostealer is malware purpose-built to vacuum up sensitive data: saved browser passwords, session cookies, autofill, cryptocurrency wallets, and application tokens. The stolen data is packaged into "logs" and sold on criminal markets, where it fuels account takeover and follow-on intrusions.

Why it matters

Stealer logs are now a primary initial-access source for ransomware crews: a single stolen session cookie can bypass MFA, because it represents a session that has already authenticated. The model is commoditised: malware-as-a-service stealers like RedLine and Agent Tesla are rented cheaply to thousands of affiliates.

Defense

Rotate credentials, expire sessions aggressively, and monitor for stealer-log exposure. Endpoint detection should flag access to browser credential stores.
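
As an added illustration of the endpoint-detection point (not taken from any product or from this page's source), the sketch below flags file-access events where a process other than the owning browser reads a browser credential store. The event shape (`image`, `target`), the Windows default paths and the sample events are assumptions made for the example.

```python
import re

# Assumed Windows default locations: (credential-store file pattern, owning browser binary).
STORES = {
    "chrome": (r"\\google\\chrome\\user data\\.*(login data|cookies|web data|local state)$",
               r"\\google\\chrome\\application\\chrome\.exe$"),
    "edge": (r"\\microsoft\\edge\\user data\\.*(login data|cookies|web data|local state)$",
             r"\\microsoft\\edge\\application\\msedge\.exe$"),
    "firefox": (r"\\mozilla\\firefox\\profiles\\.*(logins\.json|key4\.db|cookies\.sqlite)$",
                r"\\mozilla firefox\\firefox\.exe$"),
}

def flag_credential_store_access(events, allowlist=()):
    """Return (browser, image, target) for each store read by a process that
    is not the owning browser running from its normal install path."""
    allowed = {a.lower() for a in allowlist}  # e.g. backup or EDR agents
    hits = []
    for ev in events:
        image, target = ev["image"].lower(), ev["target"].lower()
        if image in allowed:
            continue
        for browser, (store_re, owner_re) in STORES.items():
            # Matching the full image path, not just the file name, also
            # catches a binary named chrome.exe running from Downloads.
            if re.search(store_re, target) and not re.search(owner_re, image):
                hits.append((browser, ev["image"], ev["target"]))
    return hits

def multi_browser_readers(hits):
    """Processes that touched stores of two or more browsers: a stronger signal."""
    seen = {}
    for browser, image, _ in hits:
        seen.setdefault(image, set()).add(browser)
    return sorted(img for img, browsers in seen.items() if len(browsers) >= 2)

# Constructed sample events (not real telemetry).
U = r"C:\Users\alice\AppData"
SAMPLE_EVENTS = [
    {"image": r"C:\Program Files\Google\Chrome\Application\chrome.exe",
     "target": U + r"\Local\Google\Chrome\User Data\Default\Login Data"},
    {"image": U + r"\Local\Temp\setup_x.exe",
     "target": U + r"\Local\Google\Chrome\User Data\Default\Login Data"},
    {"image": r"C:\Users\alice\Downloads\chrome.exe",
     "target": U + r"\Local\Google\Chrome\User Data\Default\Network\Cookies"},
    {"image": r"C:\Program Files\Mozilla Firefox\firefox.exe",
     "target": U + r"\Roaming\Mozilla\Firefox\Profiles\ab12cd34.default-release\logins.json"},
    {"image": U + r"\Local\Temp\setup_x.exe",
     "target": U + r"\Roaming\Mozilla\Firefox\Profiles\ab12cd34.default-release\key4.db"},
]
```

Legitimate tools such as backup or security agents also read these files, so the `allowlist` parameter is where known-good image paths for a given fleet would go.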

Malware in this category