StealC
Also known as: StealC, StealC stealer, StealC V2
StealC is a lightweight malware-as-a-service infostealer, influenced by Vidar and Raccoon, that steals browser data, cookies, cryptocurrency wallets, and files. It is known for a flexible, server-side configurable design that lets operators tailor what data each build collects.
What is StealC?
StealC is an infostealer that appeared around 2023 and quickly gained traction. It borrows design ideas from Vidar and Raccoon and is sold as a malware-as-a-service. A later "V2" revision modernised its codebase and expanded its capabilities.
How StealC works
StealC uses a server-side configuration so operators can specify which browsers, extensions, wallets, and file types each campaign should target. It exfiltrates the standard stealer dataset and can fetch additional payloads, functioning as both a stealer and a loader.
Why StealC matters
StealC's configurability and active development have made it a fast-growing contributor to the stealer-log economy, and it frequently appears in the same marketplaces and channels as larger families.
VantaPrism tracks StealC among its monitored families, parsing its logs and tagging exposures with the responsible malware so teams understand the source and likely scope of a compromise.
Check Your Exposure arrow_forwardFrequently Asked Questions
What is StealC V2?
Is StealC related to Vidar or Raccoon?
Related Terms
Infostealer malware is a category of malicious software designed to silently harvest sensitive data — passwords, sess…
A stealer log is the package of data exfiltrated from a single device by infostealer malware. It typically contains s…
Vidar is a long-running infostealer, derived from the older Arkei stealer, that collects browser credentials, cookies…
Raccoon Stealer is a malware-as-a-service infostealer that harvests passwords, cookies, autofill data, and cryptocurr…
Malware-as-a-service (MaaS) is a criminal business model in which malware authors rent or sell their software, infras…