
The Anatomy of an Attack: Pakistan Based Infostealer Delivery Network Exposed

14 Aug 25

CloudSEK’s TRIAD uncovered a Pakistan-based infostealer distribution network run through the pay-per-install (PPI) schemes InstallBank and SpaxMedia/Installstera. Using SEO-poisoned warez sites and forum spam, the group delivered Lumma, Meta, and AMOS stealers, amassing 449M+ clicks, 1.88M+ installs, and $4.67M in revenue. Leaked stealer logs exposed operators, infrastructure, and financial records, revealing a family-linked operation targeting global piracy seekers via thousands of domains over five years.

Pavan Karthick M
Threat Researcher at CloudSEK, building threat intelligence and automation systems for malware tracking, dark web intelligence, and vulnerability monitoring. He researches stealer ecosystems and cybercrime networks, and speaks at BSides, Null/OWASP, and HITB on AI-driven security automation.
Vikas Kundu
A naturally curious mind driven by the need to understand how things work and how to make them better. Passionate about learning, experimenting, and exploring new ideas across technology and security.
Nivya Ravi
