[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$fa5ZR9TPwVjWX2blEBREE66j0ecpg8EiCAtn6SrwLTh4":3},{"article":4,"iocs":35},{"id":5,"title":6,"slug":7,"summary":8,"ai_summary":9,"brief":10,"full_text":11,"url":12,"image_url":13,"published_at":14,"ingested_at":15,"relevance_score":16,"entities":17,"category_id":24,"category":25,"article_tags":29},"7667c040-d389-4f29-a08a-2ec0436b1c06","StealC and Amadey: Breaking down infostealers and the cybercrime services that deliver them","stealc-and-amadey-breaking-down-infostealers-and-the-cybercrime-services-that-de-6d60dd","On June 24, 2026, Microsoft’s Digital Crimes Unit (DCU) facilitated the takedown, suspension, and blocking of domains that formed the backbone of the StealC and Amadey infrastructure. This blog is a technical breakdown of StealC and Amadey. The post StealC and Amadey: Breaking down infostealers and the cybercrime services that deliver them appeared first on Microsoft Security Blog.","Microsoft's Digital Crimes Unit coordinated the takedown and blocking of infrastructure domains supporting StealC and Amadey infostealers on June 24, 2026. The action targeted the backbone of these cybercrime-as-a-service operations that deliver malware to victims. Microsoft published a technical analysis breaking down the capabilities and distribution mechanisms of both infostealers.","Microsoft DCU takes down StealC and Amadey infostealer infrastructure domains.","May 28 24 min read The Gentlemen ransomware: Dissecting a self-propagating Go encryptor Microsoft Threat Intelligence presents a comprehensive analysis of The Gentlemen, a Go-based ransomware deployed by affiliates of Storm-2697 that combines per-file ephemeral key encryption with an aggressive self-propagation module to deploy itself across an entire network using series of simultaneous lateral movement techniques per target.","https:\u002F\u002Fwww.microsoft.com\u002Fen-us\u002Fsecurity\u002Fblog\u002F2026\u002F06\u002F24\u002Fstealc-and-amadey-breaking-down-infostealers-and-the-cybercrime-services-that-deliver-them\u002F","https:\u002F\u002Fwww.microsoft.com\u002Fen-us\u002Fsecurity\u002Fblog\u002Fwp-content\u002Fuploads\u002F2026\u002F06\u002FStealC-Amadey-featured.png","2026-06-24T12:30:00+00:00","2026-06-24T14:00:33.155739+00:00",8,[18,21],{"name":19,"type":20},"Microsoft","vendor",{"name":22,"type":23},"Storm-2697","threat_actor","89f78b1c-3503-45a1-9fc7-e23d2ce1c6d5",{"id":24,"icon":26,"name":27,"slug":28},null,"Malware","malware",[30],{"category":31},{"id":32,"icon":26,"name":33,"slug":34},"e7b231c8-5f79-4465-8d38-1ef13aea5a14","Threat Intelligence","threat-intelligence",[36,39,41],{"type":28,"value":37,"context":38},"StealC","Infostealer malware with infrastructure taken down by Microsoft DCU",{"type":28,"value":40,"context":38},"Amadey",{"type":28,"value":42,"context":43},"The Gentlemen","Go-based ransomware deployed by Storm-2697 affiliates with self-propagation capabilities"]