Threat actors are promoting Titan Stealer through their Telegram channel, a new Golang-based virus that steals information. The stealer is able to steal a wide range of data from infected Windows workstations, including screenshots, system information, system credentials from browsers and cryptocurrency wallets, and seized files. Upon execution, the malware uses the process hollowing technique to inject the malicious payload into the memory of AppLaunch.exe, the Microsoft.NET ClickOnce Launch Utility, a legitimate process.