Info Stealer

Aurora Stealer

First seen: 2022-11 • Status: active

Currently Active Threat

Aurora is a Go-based password stealer that grabs your saved passwords, cryptocurrency info, and personal files. It is sold to criminals who want to steal your information.

Overview

Aurora is an information stealer written in Go, designed to steal browser data, cryptocurrency wallets, and various application credentials.

Also Known As

Aurora

How It Spreads

  • Phishing emails
  • Fake software sites
  • Malvertising

What It Does

  • Steals browser data
  • Extracts crypto wallets
  • Harvests saved credentials
  • Collects files

Is your business exposed?

Target Platforms

Windows 10, Windows 11

Detection Tips

  • Monitor for Go-based binaries accessing browser data
  • Watch for unusual file collection

MITRE ATT&CK Techniques

T1555, T1005

If You're Infected

  1. 1.

    Scan with updated antivirus

  2. 2.

    Reset compromised credentials

Related Malware

Stealc, Rhadamanthys

Is your business exposed?

Check if your company data is circulating on the dark web

Free scan • No credit card required

Privacy PolicyYour Privacy Choices