Security Bug in StealC Malware Panel Let Researchers Spy on Threat Actor Operations

Cybersecurity researchers uncovered a cross-site scripting (XSS) vulnerability in the StealC information stealer’s control panel, revealing insights about the threat actor behind it. The breach exposed the threat actor’s location, operational practices, and security weaknesses, offering opportunities for further investigation.

Key points

  • A cross-site scripting (XSS) flaw was discovered in the StealC control panel, allowing data collection on the threat actor.
  • StealC is a malware-as-a-service (MaaS) platform primarily spread through YouTube and fake software cracks.
  • The leaked source code enabled researchers to gather details on the threat actor’s infrastructure and operational security mistakes.
  • Although StealC is built around cookie theft, its operators failed to implement basic cookie security measures.
  • The threat actor, YouTubeTA, was exposed as operating from Ukraine; the location was compromised because the actor neglected to use a VPN.

Read More: https://thehackernews.com/2026/01/security-bug-in-stealc-malware-panel.html