StealC hackers hacked as researchers hijack malware control panels

Researchers exploited a cross-site scripting (XSS) flaw in the StealC info-stealing malware’s control panel to gather intelligence on attackers, observing active sessions and hijacking panel access. This vulnerability allowed them to collect hardware and browser fingerprints, and even reveal an attacker’s location when they neglected to use a VPN.