Threat Actors Transform GIFTEDCROOK Stealer into an Intelligence-Gathering Tool



The Arctic Wolf Labs team has uncovered a dramatic transformation in the capabilities of the GIFTEDCROOK infostealer, wielded by the threat group UAC-0226.

Initially identified as a rudimentary browser data stealer in early 2025, this malware has undergone rapid evolution through versions 1.2 and 1.3, morphing into a sophisticated intelligence-gathering tool by June 2025.

This progression reflects a deliberate strategy to target sensitive data from Ukrainian governmental and military entities, aligning with critical geopolitical events such as the Ukraine peace negotiations in Istanbul.

Evolution of a Cyber-Espionage Weapon

The malware’s enhanced ability to exfiltrate a wide array of proprietary documents and browser secrets underscores a shift toward comprehensive data collection, likely aimed at supporting covert intelligence objectives during periods of diplomatic and military significance.

Delving into the technical intricacies, GIFTEDCROOK’s initial version (v1) focused solely on extracting browser credentials, with data ...


Copyright of this story solely belongs to gbhackers.