OTX Bot<p>MaaS Appeal: An Infostealer Rises From The Ashes</p><p>NOVABLIGHT is a NodeJS-based Malware-as-a-Service (MaaS) information stealer developed by a French-speaking threat group. It's sold as an educational tool but used for credential theft and cryptowallet compromise. The malware features heavy obfuscation, multiple anti-analysis techniques, and various data exfiltration methods. It can disable Windows Defender, sabotage system recovery, and inject malicious code into popular Electron-based applications. NOVABLIGHT employs comprehensive system enumeration, captures screenshots and webcam footage, and steals passwords from various sources. The threat actors use Telegram and Discord for sales and support, with licenses valid for up to a year.</p><p>Pulse ID: 688bcc2443b220b3ccb77c5c<br>Pulse Link: <a href="https://otx.alienvault.com/pulse/688bcc2443b220b3ccb77c5c" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">otx.alienvault.com/pulse/688bc</span><span class="invisible">c2443b220b3ccb77c5c</span></a> <br>Pulse Author: AlienVault<br>Created: 2025-07-31 20:03:48</p><p>Be advised, this data is unverified and should be considered preliminary. Always do further verification.</p><p><a href="https://social.raytec.co/tags/CyberSecurity" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>CyberSecurity</span></a> <a href="https://social.raytec.co/tags/Discord" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Discord</span></a> <a href="https://social.raytec.co/tags/Education" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Education</span></a> <a href="https://social.raytec.co/tags/InfoSec" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>InfoSec</span></a> <a href="https://social.raytec.co/tags/InfoStealer" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>InfoStealer</span></a> <a href="https://social.raytec.co/tags/MaaS" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>MaaS</span></a> <a href="https://social.raytec.co/tags/Malware" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Malware</span></a> <a href="https://social.raytec.co/tags/MalwareAsAService" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>MalwareAsAService</span></a> <a href="https://social.raytec.co/tags/OTX" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>OTX</span></a> <a href="https://social.raytec.co/tags/OpenThreatExchange" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>OpenThreatExchange</span></a> <a href="https://social.raytec.co/tags/Password" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Password</span></a> <a href="https://social.raytec.co/tags/Passwords" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Passwords</span></a> <a href="https://social.raytec.co/tags/RAT" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>RAT</span></a> <a href="https://social.raytec.co/tags/RCE" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>RCE</span></a> <a href="https://social.raytec.co/tags/Telegram" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Telegram</span></a> <a href="https://social.raytec.co/tags/Windows" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Windows</span></a> <a href="https://social.raytec.co/tags/Word" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Word</span></a> <a href="https://social.raytec.co/tags/bot" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>bot</span></a> <a href="https://social.raytec.co/tags/AlienVault" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>AlienVault</span></a></p>