News

Program for data theft Raccoon settled on 100 thousand PCs and is gaining popularity

In criminal circles, the new data-stealing program, Raccoon, is rapidly gaining popularity.

For several months, this information stealer, according to Cybereason, managed to infect more than 100 thousand Windows machines in North America, Western Europe and Asia.

The malware is not particularly complicated and does not use innovative techniques, but the business model of its creators – MaaS – allows attackers quickly and with minimal labor earn money by stealing confidential information. A study of relevant topics in shadow communities has shown that Raccoon is currently in the top ten of malware programs by the number of forums mentioned.

“Managing the malware does not require special technical training that it makes it attractive to a wide audience. Moreover, Raccoon developers are constantly improving it and quickly respond to customer comments”, — Assaf Dahan and Lior Rochberger analysts write on the Cybereason Nocturnus team blog.

Researchers from Cybereason first discovered Raccoon in April this year. A malicious program written in C++ can be distributed in various ways: using exploit packs (including Fallout and RIG), via malicious email newsletters, downloading from the web along with pirated copies of legitimate applications.

Read also: Attackers actively use the fresh Checkm8 jailbreak for their own purposes

After installation, the malware proceeds to search for bank details, crypto-wallet addresses, passwords, email credentials, information about the system, as well as information stored in popular browsers. Raccoon accumulates its findings and sends it to its operator. Despite the breadth of interests, the set of functions of the malware is not especially rich, it does not even know how to register keystrokes.

“Though the Raccoon stealer may not be the most innovative infostealer on the market, it is still gaining significant attention in the underground community. Based on testimonials from the underground community, The Raccoon team provides reliable customer service to give cybercriminals a quick-and-easy way to commit cybercrime without a huge personal investment”, — report Assaf Dahan and Lior Rochberger.

The developers of the new infostiller presumably have Russian origin and speak Russian. The malware was initially offered for sale only on Russian-speaking forums, and now it is advertised in English-speaking circles. Raccoon tenants pay $200 a month; the service package includes access to an automated backend panel, hosting and technical support.

The new MaaS malware is still under active development, but experts believe that the explosive growth in the popularity of Raccoon among the cybercriminals can turn it into a serious threat – like Azorult.

Polina Lisovskaya

I works as a marketing manager for years now and loves searching for interesting topics for you

Recent Posts

Remove News-xbuhoxu.store Pop-up Ads

About News-xbuhoxu.store News-xbuhoxu.store pop-ups can not open out of nowhere. If you have actually clicked…

3 hours ago

Remove News-xbadeyo.today Pop-up Ads

About News-xbadeyo.today News-xbadeyo.today pop-ups can not introduce out of nowhere. If you have clicked on…

3 hours ago

Remove News-bbutohu.info Pop-up Ads

About News-bbutohu.info News-bbutohu.info pop-ups can not open out of nowhere. If you have actually clicked…

3 hours ago

Remove News-bbucoxe.today Pop-up Ads

About News-bbucoxe.today News-bbucoxe.today pop-ups can not launch out of the blue. If you have clicked…

3 hours ago

Remove News-xdetake.cc Pop-up Ads

About News-xdetake.cc News-xdetake.cc pop-ups can not expose out of nowhere. If you have clicked on…

6 hours ago

Remove News-bbufiya.today Pop-up Ads

About News-bbufiya.today News-bbufiya.today pop-ups can not expose out of nowhere. If you have clicked some…

6 hours ago