: The stolen data is exfiltrated using Telegram as a Command and Control (C2) channel, making the traffic appear legitimate to many firewalls. The Monetization Ecosystem
: Saved passwords, cookies, and autofill information from Chrome, Firefox, and Edge. CrackingPackv1.2.0.zip
The analysis by SentinelLABS reveals a highly organized criminal operation: : The stolen data is exfiltrated using Telegram
: Over 4,000 unique victims have been identified across more than 60 countries. and autofill information from Chrome
: Organizations should monitor or restrict unauthorized Telegram desktop application usage, as it is a preferred C2 channel for this malware.