StealC is malware that exclusively targets Windows operating systems. It is typically distributed through malicious downloads and infects affected PCs. Once installed, the malware can silently extract sensitive data stored on the device and transmit it to attackers.
As part of an internationally coordinated law enforcement operation, the cybercrime infrastructure used to control StealC was successfully dismantled in June 2026.
Because the malware resided locally on the affected devices, credentials for email services, messaging platforms, online banking, online shops, gaming platforms, and hundreds of other online services could be obtained.
Based on the findings obtained during the law enforcement operation, the German Federal Office for Information Security (BSI) is currently informing NIS2-registered organizations about the incident and asking them to pass this information on to their users, as more than 100,000 accounts for email services, messaging platforms, online banking, online shops, gaming platforms, and numerous other online services are affected.
The BSI recommends the following measures for affected Windows users:
- Update your antivirus or anti-malware software and perform a full system scan to detect and remove StealC.
- Change all passwords, as the credentials were stolen directly from the affected PC. This affects not only individual online services but all credentials stored locally on the device.
Further information, recommendations, and guidance for affected users can be found on the BSI website in the StealC profile.
Quelle: https://www.bsi.bund.de/DE/Service-Navi/Presse/Pressemitteilungen/Presse2026/260624_Endgame.html