Infostealer


Risk Level 1: Very Low

December 8, 1997
May 21, 2013 1:58:18 PM
Infection Length:
Systems Affected:
Infostealer is a detection name used by Symantec to identify malicious software programs that gather confidential information from the compromised computer.

Infostealer is a type of Trojan horse program that has a very specific payload goal. This Trojan gathers confidential information from the computer and sends it to a predetermined location. This information can be financial data, details about the compromised computer, or user credentials for various web sites. Often the Trojan may steal a combination of all three types of sensitive information.

Once stolen, login details, credentials from particular web sites, passwords, financial information and other personally identifiable information can be sold on the black market. This underground hive of criminal activity is a booming, illegal, multi-billion-dollar-a-year business. The stolen information can be worth considerable sums of money depending on the details involved. For example, in 2008 Symantec researchers reported that some of the most popular items of information sold in the underground economy changed hands for the following prices:

  • Credit card information: between US$0.06 and $30 each.
  • Bank accounts: between US$10 and $1000 each, depending on the balance.
  • Email accounts: between US$0.10 and $100 each.

The most commonly used technique, keylogging, is effective at collecting much of the information that the attacker targets. For these Trojans, the goal is to collect as much data as possible; the more details about the user that end up in the hands of the remote attacker, the bigger the potential profit.

To see how effective keylogging is, see Symantec's video, The Threat Factory - Keystroke Logging From the Victim and Cybercriminal's Perspective.

Antivirus Protection Dates

  • Initial Rapid Release version December 20, 2000
  • Latest Rapid Release version February 11, 2014 revision 025
  • Initial Daily Certified version December 20, 2000
  • Latest Daily Certified version February 27, 2014 revision 002
  • Initial Weekly Certified release date December 10, 1997
Writeup By: Angela Thigpen
