Info Stealer

Phemedrone Stealer

First seen: 2023-09 • Status: active

Currently Active Threat

Phemedrone is a password stealer that can bypass Windows security features. It steals browser passwords and cryptocurrency information.

Overview

Phemedrone is a newer information stealer that gained attention in 2023. It exploits Windows Defender SmartScreen bypass vulnerabilities.

Also Known As

Phemedrone

How It Spreads

  • SmartScreen bypass exploits
  • Phishing
  • Malicious downloads

What It Does

  • Bypasses Windows Defender
  • Steals browser data
  • Extracts crypto wallets

Target Platforms

Windows 10, Windows 11

Detection Tips

  • Monitor SmartScreen bypass attempts
  • Watch for unusual script execution

MITRE ATT&CK Techniques

T1555, T1218, T1005

If You're Infected

  1. Update Windows to patch SmartScreen
  2. Run full security scan

Related Malware

Stealc, Lumma Stealer
