APT / THREAT GROUP

Eredel

Aliases: 2
Last seen: Mar 17, 2026

Intelligence Profile

Eredel Stealer is a low-priced malware that extracts passwords, cookies, and desktop screenshots from browsers and programs.

According to nulled[.]to:

Supported browsers

Chromium Based: Chromium, Google Chrome, Kometa, Amigo, Torch, Orbitum, Opera, Opera Neon, Comodo Dragon, Nichrome (Rambler), Yandex Browser, Maxthon5, Sputnik, Epic Privacy Browser, Vivaldi, CocCoc and other Chromium Based browsers.

- Stealing FileZilla

- Stealing an account from Telegram

- Stealing AutoFill

- Theft of wallets: Bitcoin | Dash | Monero | Electrum | Ethereum | Litecoin

- Stealing files from the desktop. Supports any formats, configurable via telegram-bot

Threat Analysis

Eredel is a known-sophistication threat actor of undetermined national origin, engaged in cyber operations with a primary motivation of unknown activity patterns.

Quick Facts

Type: APT / Threat Group
Aliases: 2

Also Known As

Eredel, win.eredel

External Intelligence

Malpedia: win.eredel

Data sourced from Malpedia, Ransomware.live, RansomLook, and CTIWATCH OSINT collection. Actor attribution is based on available intelligence and may be incomplete.