ACRStealer, a new information-stealing malware, is rapidly increasing in distribution since 2025, leveraging legitimate platforms like Google Docs and Steam for its command-and-control communications. The malware is primarily spread through software cracks and key generators used for piracy, disguising itself as illegal programs. It boasts capabilities to steal a wide range of sensitive data, including cryptocurrency wallets, login credentials, browser data, and more, which can then be exploited for financial gain or identity theft. ACRStealer employs a flexible C2 mechanism using a Dead Drop Resolver, allowing attackers to change the C2 domain without updating the malware itself. Researchers advise that avoiding unauthorized software downloads, enabling multi-factor authentication, and using active anti-malware solutions can help prevent infections. Continue here.
