Panda stealer is a malicious program, a new variant of CollectorStealer, designed to collect and exfiltrate sensitive and personal data from infected computers. It primarily targets cryptocurrency to steal Bytecoin, Dash, Litecoin, and other crypto wallets. Panda can steal log-in credentials from VPN software (NordVPN), messaging platforms, and digital distribution services for video games. It can also take screenshots of the infected machine and steal information from browsers such as cookies, passwords, and credit cards. It places files in the %Temp% folder, which keeps stolen data under randomized file names before sending it to a command-and-control (C&C) server.
Spam campaigns have been used to propagate Panda stealer. It is also known to propagate through malicious Microsoft Office Excel files.