Racoon Malware
News | 02/27/2020

Racoon – The nasty info-stealer compromises over 60 apps

About: The nasty Raccoon Stealer Malware has been found gathering sensitive data of the users from over 60 applications. It primarily spreads via exploit kits & phishing e-mails. Refer to the post to learn how it spreads & breaches your data privacy.

| News | Racoon – The nasty info-stealer compromises over 60 apps

Racoon – the malware that steals sensitive information from over 60 Apps

A devious malware named Racoon has been found stealing sensitive information of the computer users from over 60 applications. This new Racoon Malware is suspected of gathering vital user information such as login credentials, credit card details, crypto-currency wallets & browser information such as browser name, its version, search preferences, visited web-sites & much more!

Racoon Steals Information

According to the cyber-security analysts, the nasty Racoon Malware first surfaced to lime-light in April 2019. It is believed to be ever-developing & expanding its features since its first appearance.

Racoon as Malware-as-a-Service

What made it gain grounds amongst the cyber-criminals around the world is its availability as a MaaS (Malware-as-a-Service). The developers of this deceitful info-stealer smartly lowered down its cost from $75/week to $200/month for its customers. By doing so, the developers ensured a regular revenue stream for themselves.

They met the needs of cyber-crime aspirants, by offering them MaaS at a modest price & yet with a much richer set of features.

Racoon Malware as a Service

Raccoon Stealer MaaS model enabled its customers to customize the malware according to their needs by accessing an admin panel. It is evident that this nasty malware is also open to customers with minimal technical skills, thus enabling even the layman to develop cyber-criminal-like skills.

The Homespun Malware yet good enough!

Detailed analysis by cyber-security researchers reveal that Racoon Malware is written in C++ programming language. Exploit kits & phishing campaigns are suspected to be prime methods used by this malware to proliferate its infection.

In November 2019, raccoon stealer malware used some simple yet effective techniques to smartly evaded anti-spam messaging & email gateway of Symantec & Microsoft, the sources state. These techniques were also used to target myriad of financial institutions by employing Business Email Compromise (BEC) Attacks.

And now in February 2020, Racoon Malware is targeting over 29 Chromium-based web browsers such as Google Chrome & Opera. All these browsers have a similar code-base & folder structure, thus malware’s way of handling the gathered sensitive data too remains unchanged.

According to sources, Racoon Malware is using similar methodology to infect Mozilla-based applications.

The novel Wallet Scanning Feature of Racoon Stealer Malware

While searching for crypto-currency wallets on the infected systems, Raccoon Stealer primarily targets applications such as Jaxx & Exodus. The researchers state that just like other info-stealers, Raccoon Stealer malware scrutinizes the default application locations for wallet files. However, the new brainy wallet scanning feature of Racoon helps it to locate any wallet.dat file on the system.

Racoon locates Crypto-currency wallet

The nasty Racoon Malware has been previously employed by the developers to exploit well-known Vulnerabilities in web security & install on the systems. It is evident that the prime reason behind Racoon’s popularity is not its complexity, but its cost-effectiveness, customizable features & easy to deploy interface. These features let cyber-criminals target more number of applications installed on the victim’s device.

Employing security standards such as actively patching the web security vulnerabilities may help in preventing Racoon hacks. Also, the organizations should scrutinize third-party applications & platforms before adding them as an additional functionality to their systems.

Hits: 439

Leave a Reply

Your email address will not be published. Required fields are marked *

Did you find the article informative? Yes NO

Get Regular Updates Related to All the Threats

Want to stay informed about the latest threats & malware? Sign up for our newsletter & learn how to get rid of all types of threats from your computer.

Virus Removal Guidelines
Plot No 319, Nandpuri- B Pratap Nagar
Jaipur
Rajasthan 302033
Phone: +91 9799661866