OTX Bot<p>RAVEN STEALER UNMASKED: Telegram-Based Data Exfiltration</p><p>Raven Stealer is a modern, lightweight information-stealing malware developed in Delphi and C++. It targets Chromium-based browsers to extract sensitive data, including passwords, cookies, and payment details. The malware uses a modular architecture and UPX packing to evade detection. It executes stealthily and exfiltrates data via Telegram bot integration. Distributed through GitHub and promoted on Telegram, Raven Stealer's user-friendly interface and dynamic module support make it attractive in the commodity malware ecosystem. The malware's capabilities include credential theft, browser data harvesting, and real-time exfiltration, posing a significant threat when used maliciously.</p><p>Pulse ID: 6884f157954b5e95a3f11907<br>Pulse Link: <a href="https://otx.alienvault.com/pulse/6884f157954b5e95a3f11907" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">otx.alienvault.com/pulse/6884f</span><span class="invisible">157954b5e95a3f11907</span></a> <br>Pulse Author: AlienVault<br>Created: 2025-07-26 15:16:39</p><p>Be advised, this data is unverified and should be considered preliminary. Always do further verification.</p><p><a href="https://social.raytec.co/tags/Browser" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Browser</span></a> <a href="https://social.raytec.co/tags/Cookies" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Cookies</span></a> <a href="https://social.raytec.co/tags/CyberSecurity" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>CyberSecurity</span></a> <a href="https://social.raytec.co/tags/Delphi" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Delphi</span></a> <a href="https://social.raytec.co/tags/GitHub" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>GitHub</span></a> <a href="https://social.raytec.co/tags/InfoSec" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>InfoSec</span></a> <a href="https://social.raytec.co/tags/Malware" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Malware</span></a> <a href="https://social.raytec.co/tags/OTX" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>OTX</span></a> <a href="https://social.raytec.co/tags/OpenThreatExchange" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>OpenThreatExchange</span></a> <a href="https://social.raytec.co/tags/Password" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Password</span></a> <a href="https://social.raytec.co/tags/Passwords" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Passwords</span></a> <a href="https://social.raytec.co/tags/RAT" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>RAT</span></a> <a href="https://social.raytec.co/tags/Telegram" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Telegram</span></a> <a href="https://social.raytec.co/tags/Word" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Word</span></a> <a href="https://social.raytec.co/tags/bot" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>bot</span></a> <a href="https://social.raytec.co/tags/AlienVault" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>AlienVault</span></a></p>