Increase in PXA Stealer Malware Attacks on Financial Institutions

CyberProof researchers identified a 10% increase in PXA Stealer malware attacks targeting financial institutions during the first quarter of 2026. The malware, classified as an infostealer, exfiltrates stolen data via Telegram channels. The campaign specifically focuses on banks and other financial firms, though no geographic targeting details were provided. No CVE IDs or additional technical indicators were disclosed in the report. The primary impact involves unauthorized data extraction from compromised systems.