Phantom Project Offers Malicious Bundle Including Infostealer and RAT

The Phantom Project is offering a malicious bundle for sale that includes an infostealer, crypter, and remote access trojan (RAT). The Phantom Stealer .NET component specifically harvests browser credentials, cookies, payment card details, and active sessions as part of a stealer-as-a-service model. No specific threat actors, affected organizations, or exact deployment dates were disclosed in the report. The tool operates as a subscription-based service, though pricing details were not provided. The primary impact involves unauthorized data exfiltration and potential follow-on attacks leveraging stolen credentials. No CVEs or additional technical indicators were mentioned.