Airstalk Attacks: Nation-State Malware Goes Incognito with Stolen Certificates

Meet Airstalk, the malware with a flair for espionage and comedic timing—misusing the AirWatch API like a teenager sneaking out past curfew. This Windows-based mischief-maker is available in PowerShell and .NET variants and is suspected of playing a starring role in nation-state supply chain attacks. Keep your cookies close; Airstalk’s got a sweet tooth!

1P
Published: October 29, 2025 10:11 amAdded: October 29, 2025 at 3:21 amAssembled by: The Editor
Pro Dashboard

Hot Take:

Looks like someone’s been shopping in the malware aisle and picked up a fresh batch of Airstalk, now available in PowerShell and .NET flavors! It’s like a supply chain attack but with more tech-savvy and less guilt about your online shopping history. Just remember, cookies are for browsing, not for sharing with strangers!

Key Points:

  • Airstalk is a new malware family targeting Windows systems, available in PowerShell and .NET versions.
  • It abuses the AirWatch API for covert command-and-control communication.
  • The malware is designed to swipe sensitive browser data like cookies and browsing history.
  • .NET variant shows more advanced capabilities and targets additional browsers.
  • Suspected to be used by a nation-state actor in a supply chain attack.

Membership Required

 You must be a member to access this content.

View Membership Levels
Already a member? Log in here
The Nimble Nerd
powered by the NSA, er,  GDPR Cookie Compliance
Confessional Booth of Our Digital Sins

Okay, deep breath, let's get this over with. In the grand act of digital self-sabotage, we've littered this site with cookies. Yep, we did that. Why? So your highness can have a 'premium' experience or whatever. These traitorous cookies hide in your browser, eagerly waiting to welcome you back like a guilty dog that's just chewed your favorite shoe. And, if that's not enough, they also tattle on which parts of our sad little corner of the web you obsess over. Feels dirty, doesn't it?