• Menu
  • Skip to main content
  • Skip to primary sidebar

The Cyber Security News

Latest Cyber Security News

Header Right

  • Latest News
  • Vulnerabilities
  • Cloud Services
Cyber Security News

Credential Stealer Malware Raccoon Updated to Obtain Passwords More Efficiently

You are here: Home / General Cyber Security News / Credential Stealer Malware Raccoon Updated to Obtain Passwords More Efficiently
August 1, 2022

Security industry experts from on the net system Zscaler have published an analysis of the new variant of the acknowledged Raccoon Stealer malware.

Creating in an advisory last Friday, Zscaler said the new version of the malware is published in C, contrary to past variations which have been predominantly prepared in C++.

Raccoon Stealer 2. options a new again-close and front-end, and code to steal qualifications and other data additional competently.

✔ Approved From Our Partners
AOMEI Backupper Lifetime

Protect and backup your data using AOMEI Backupper. AOMEI Backupper takes secure and encrypted backups from your Windows, hard drives or partitions. With AOMEI Backupper you will never be worried about loosing your data anymore.

Get AOMEI Backupper with 72% discount from an authorized distrinutor of AOMEI: SerialCart® (Limited Offer).

➤ Activate Your Coupon Code


The novel variation of the credential stealer can also perform on 32 and 64-little bit programs without having the will need for any extra dependencies, in its place fetching eight reputable DLLs right from its C2 servers (in its place of relying on Telegram Bot API).

The C2 is also dependable for the malware’s configuration, such as apps to focus on, URL hosting the DLLs, and tokens for facts exfiltration. The servers then acquire equipment fingerprint details and hold out for personal Publish requests containing stolen facts.

The sorts of information stolen by Raccoon Stealer 2. reportedly include things like process fingerprinting data, browser passwords, cookies, autofill details and saved credit history playing cards, cryptocurrency wallets, documents located on all disks, screenshots and installed application lists.

“We have also witnessed a change in how Raccoon Stealer v2 hides its intentions by making use of a mechanism exactly where API names are dynamically solved somewhat than being loaded statically,” Zscaler wrote.

For context, the Raccoon Stealer operation reportedly shut down in March 2022, following the demise of a person of the direct builders for the duration of Russia’s invasion of Ukraine.

The staff then wrote on dark web community forums indicating they would return, in accordance to an assessment from security analysts at Sekoia, with a website submit on an undisclosed dark web discussion board suggesting the Raccoon Stealer 2. was previously under advancement in Might.

“Raccoon Stealer offered as Malware-as-a-Assistance has become preferred about the earlier several a long time, and various incidents of this malware have been noticed,” reads the Zscaler analysis.

“The Authors of this malware are continually incorporating new options to this spouse and children of malware. This is the 2nd key release of the malware following the 1st release in 2019. This displays that the malware is very likely to evolve and remain a continuous risk to companies.”


Some components of this short article are sourced from:
www.infosecurity-journal.com

Previous Post: «Cyber Security News Austrian Investigation Reveals Spyware Targeting Law Firms, Finance Institutions
Next Post: LockBit Ransomware Abuses Windows Defender to Deploy Cobalt Strike Payload lockbit ransomware abuses windows defender to deploy cobalt strike payload»

Reader Interactions

Leave a Reply Cancel reply

Your email address will not be published. Required fields are marked *

Primary Sidebar

Report This Article

Recent Posts

  • New Variant of Banking Trojan BBTok Targets Over 40 Latin American Banks
  • How to Interpret the 2023 MITRE ATT&CK Evaluation Results
  • Iranian Nation-State Actor OilRig Targets Israeli Organizations
  • High-Severity Flaws Uncovered in Atlassian Products and ISC BIND Server
  • Apple Rushes to Patch 3 New Zero-Day Flaws: iOS, macOS, Safari, and More Vulnerable
  • Mysterious ‘Sandman’ Threat Actor Targets Telecom Providers Across Three Continents
  • Researchers Raise Red Flag on P2PInfect Malware with 600x Activity Surge
  • The Rise of the Malicious App
  • China Accuses U.S. of Decade-Long Cyber Espionage Campaign Against Huawei Servers
  • Cyber Group ‘Gold Melody’ Selling Compromised Access to Ransomware Attackers

Copyright © TheCyberSecurity.News, All Rights Reserved.