"ThirdEye Infostealer Poses New Threat to Windows Users"

Security researchers at FortiGuard Labs have discovered a new infostealer called ThirdEye that is potentially targeting Windows users. According to the researchers, ThirdEye is designed to extract valuable system information from compromised machines, which can be used in future cyberattacks. They said that while ThirdEye is not considered technically elaborate, its capabilities include harvesting BIOS and hardware data, enumerating files and folders, identifying running processes, and collecting network information. After collecting the compromised system’s information, the malware sends it to a command-and-control (C2) server. Notably, the infostealer uses a unique string, “3rd_eye,” to identify itself to the C2. The researchers' analysis of the samples revealed that the earliest variant, discovered in April 2023, collected limited information compared to the more recent samples. Over time, the infostealer has evolved, gaining additional data-gathering capabilities. The researchers noted that ThirdEye variants were submitted to a public scanning service from Russia, and the latest variant has a file name in Russian, suggesting a potential focus on Russian-speaking organizations. They emphasized that while there is no concrete evidence of ThirdEye being used in attacks, system defenders should still be wary of this malware tool.

 

Infosecurity reports: "ThirdEye Infostealer Poses New Threat to Windows Users"
