MrAnon Stealer Attacking Windows Via Weaponized PDF Files

Phishing emails targeting Windows users are circulating with a malicious PDF file, ‘MrAnon Stealer’, which delivers malware disguised as hotel booking details. Using the PowerShell script, the malware steals users’ credentials, system data, browser sessions, and cryptocurrency extensions, then uploads them to a Telegram channel and public file-sharing website. Germany is the dominant target, with activity notably increased in November 2023. Users are urged to avoid suspicious emails and PDFs.