Among the intruders is gaining the popularity of the Aurora infostiler. At least seven notable groups have either switched to using it, or are launching it in parallel with Raccoon and Redline Stealers. Ironically, the increase in popularity is associated with the low popularity of the new malware, as well as the low detection rate.
Aurora, written in Go, surfaced on Russian-language forums in April 2022. At first, the authors took a swing at a multifunctional botnet, but later slowed down to an infostiler in its current form. It turned out to be a secretive, lightweight and completely native malware without dependencies and with a bunch of features. Here (https://blog.sekoia.io/aurora-a-rising-stealer-flying-under-the-radar/#h-a-popular-stealer-in-the-traffers-landscape ) you can read more about the technical details of the rising star of the cybercrime market, actively distributed through various channels from cheats and broken software to cryptofishing.