• Menu
  • Skip to main content
  • Skip to primary sidebar

The Cyber Security News

Latest Cyber Security News

Header Right

  • Latest News
  • Vulnerabilities
  • Cloud Services
Cyber Security News

Credential Stealer Malware Raccoon Updated to Obtain Passwords More Efficiently

You are here: Home / General Cyber Security News / Credential Stealer Malware Raccoon Updated to Obtain Passwords More Efficiently
August 1, 2022

Security industry experts from on the net system Zscaler have published an analysis of the new variant of the acknowledged Raccoon Stealer malware.

Creating in an advisory last Friday, Zscaler said the new version of the malware is published in C, contrary to past variations which have been predominantly prepared in C++.

Raccoon Stealer 2. options a new again-close and front-end, and code to steal qualifications and other data additional competently.

✔ Approved Seller From Our Partners
Mullvad VPN Discount

Protect your privacy by Mullvad VPN. Mullvad VPN is one of the famous brands in the security and privacy world. With Mullvad VPN you will not even be asked for your email address. No log policy, no data from you will be saved. Get your license key now from the official distributor of Mullvad with discount: SerialCart® (Limited Offer).

➤ Get Mullvad VPN with 12% Discount


The novel variation of the credential stealer can also perform on 32 and 64-little bit programs without having the will need for any extra dependencies, in its place fetching eight reputable DLLs right from its C2 servers (in its place of relying on Telegram Bot API).

The C2 is also dependable for the malware’s configuration, such as apps to focus on, URL hosting the DLLs, and tokens for facts exfiltration. The servers then acquire equipment fingerprint details and hold out for personal Publish requests containing stolen facts.

The sorts of information stolen by Raccoon Stealer 2. reportedly include things like process fingerprinting data, browser passwords, cookies, autofill details and saved credit history playing cards, cryptocurrency wallets, documents located on all disks, screenshots and installed application lists.

“We have also witnessed a change in how Raccoon Stealer v2 hides its intentions by making use of a mechanism exactly where API names are dynamically solved somewhat than being loaded statically,” Zscaler wrote.

For context, the Raccoon Stealer operation reportedly shut down in March 2022, following the demise of a person of the direct builders for the duration of Russia’s invasion of Ukraine.

The staff then wrote on dark web community forums indicating they would return, in accordance to an assessment from security analysts at Sekoia, with a website submit on an undisclosed dark web discussion board suggesting the Raccoon Stealer 2. was previously under advancement in Might.

“Raccoon Stealer offered as Malware-as-a-Assistance has become preferred about the earlier several a long time, and various incidents of this malware have been noticed,” reads the Zscaler analysis.

“The Authors of this malware are continually incorporating new options to this spouse and children of malware. This is the 2nd key release of the malware following the 1st release in 2019. This displays that the malware is very likely to evolve and remain a continuous risk to companies.”


Some components of this short article are sourced from:
www.infosecurity-journal.com

Previous Post: «Cyber Security News Austrian Investigation Reveals Spyware Targeting Law Firms, Finance Institutions
Next Post: LockBit Ransomware Abuses Windows Defender to Deploy Cobalt Strike Payload lockbit ransomware abuses windows defender to deploy cobalt strike payload»

Reader Interactions

Leave a Reply Cancel reply

Your email address will not be published. Required fields are marked *

Primary Sidebar

Report This Article

Recent Posts

  • New HTTPBot Botnet Launches 200+ Precision DDoS Attacks on Gaming and Tech Sectors
  • Top 10 Best Practices for Effective Data Protection
  • Researchers Expose New Intel CPU Flaws Enabling Memory Leaks and Spectre v2 Attacks
  • Fileless Remcos RAT Delivered via LNK Files and MSHTA in PowerShell-Based Attacks
  • [Webinar] From Code to Cloud to SOC: Learn a Smarter Way to Defend Modern Applications
  • Meta to Train AI on E.U. User Data From May 27 Without Consent; Noyb Threatens Lawsuit
  • Coinbase Agents Bribed, Data of ~1% Users Leaked; $20M Extortion Attempt Fails
  • Pen Testing for Compliance Only? It’s Time to Change Your Approach
  • 5 BCDR Essentials for Effective Ransomware Defense
  • Russia-Linked APT28 Exploited MDaemon Zero-Day to Hack Government Webmail Servers

Copyright © TheCyberSecurity.News, All Rights Reserved.