MicroStealer, a fully capable infostealer, is spreading rapidly with minimal detection from traditional security tools. ANY.RUN researchers documented the malware across 40+ sandbox sessions within a month despite low public visibility. Distribution leverages compromised or impersonated accounts. The key insight: active, widespread infostealer proliferation is occurring under-the-radar, creating a detection gap that delays early containment signals security teams rely on.