Dark Partners Cybercrime Group

The "Dark Partners" cybercrime group is a major threat to cryptocurrency users, executing large-scale thefts through fake websites that impersonate AI tools, VPN services, and popular software. Active since May 2025, they operate over 250 malicious domains, targeting victims in the U.S., EU, Russia, Canada, and Australia.

Their primary malware, Poseidon Stealer for macOS and PayDay Loader for Windows, enable the theft of cryptocurrency wallets and sensitive data. Dark Partners impersonate at least 37 popular applications and use advanced evasion techniques, including stolen code signing certificates.

By manipulating search engine results, they direct victims to malicious sites that mimic legitimate software downloads. Their malware employs persistence mechanisms to maintain access to compromised systems, making Dark Partners one of the most sophisticated cryptocurrency theft operations of 2025.


NPAV offers a robust solution to combat cyber fraud. Protect yourself with our top-tier security product, Z Plus Security.