ACR Stealer - Uncovering Attack Chains, Functionalities And IOCs
ACR Stealer is a sophisticated information-stealing malware that emerged in 2024 and has rapidly evolved into a formidable threat. It employs advanced evasion techniques, including Dead Drop Resolver methods, direct syscalls, and WoW64 transition abuse, to bypass security solutions. The malware targets over 200 applications, including web browsers, cryptocurrency wallets, and enterprise communication tools, and uses dynamic C2 resolution and multi-stage payload delivery for data exfiltration.