0xSeeker
I’m 0xSeeker, currently a CTI & CTH analyst in the purple team @Gatewatcher. As part of my cybersecurity experience, I've spent 6 years focusing on red team and CTI in the industrial area.
Session
For years, cybersecurity reports have centered around well-known stealers like Vidar and Raccoon. There is an often overlooked and underestimated threat: low-profile cybercriminals. These are typically young actors, flying under the radar and posing a unique and evolving risk.
In this talk, we will dive into the French stealer ecosystem, offering insights into the lesser-known groups operating within it. After an overview of the ecosystem—mapping out the groups and their interconnections—we will provide a technical deep-dive into the simplicity and effectiveness of their stealers. We’ll also reveal how we identified similar stealers lurking in open-source repositories.
The final part of the presentation will expose the poor operational security practices of these actors, culminating in a compelling case study of the group 'Epsilon.' Starting from a simple forum complaint, we’ll demonstrate how we uncovered a surprising link between one of the group’s administrators and a potential drug trafficking operation.