Info Stealer

AZORult

First seen: 2016-07 • Status: active

Currently Active Threat

AZORult steals passwords from browsers and cryptocurrency wallets. It has been around for years and is still widely used.

Overview

AZORult is a credential stealer that harvests browser data, cryptocurrency wallets, and application credentials. It remains popular despite its age.

Also Known As

Azorult

How It Spreads

  • Phishing
  • Exploit kits
  • Cracked software

What It Does

  • Browser credential theft
  • Cryptocurrency wallet theft
  • Desktop file theft

Target Platforms

Windows

Detection Tips

  • Monitor for credential access
  • Watch for AZORult signatures

MITRE ATT&CK Techniques

T1555, T1005

If You're Infected

  1. Reset all credentials
  2. Move cryptocurrency to new wallets
